CWE-1260
AllowedImproper Handling of Overlap Between Protected Memory Ranges
Abstraction: Base · Status: Stable
The product allows address regions to overlap, which can result in the bypassing of intended memory protection.
27 vulnerabilities reference this CWE, most recent first.
CVE-2018-25240 (GCVE-0-2018-25240)
Vulnerability from cvelistv5 – Published: 2026-04-04 13:51 – Updated: 2026-04-06 19:05- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/46194 | exploit |
| https://www.microsoft.com/store/productId/9PN12GNX62VZ | product |
| https://www.vulncheck.com/advisories/watchr-denia… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25240",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T19:02:53.925832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T19:05:28.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Watchr",
"vendor": "Watchr",
"versions": [
{
"status": "affected",
"version": "1.1.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "0xB9"
}
],
"datePublic": "2018-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-04T19:59:51.833Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46194",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46194"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://www.microsoft.com/store/productId/9PN12GNX62VZ"
},
{
"name": "VulnCheck Advisory: Watchr 1.1.0.0 Denial of Service via Search",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/watchr-denial-of-service-via-search"
}
],
"title": "Watchr 1.1.0.0 Denial of Service via Search",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25240",
"datePublished": "2026-04-04T13:51:07.827Z",
"dateReserved": "2026-04-04T13:16:34.636Z",
"dateUpdated": "2026-04-06T19:05:28.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25238 (GCVE-0-2018-25238)
Vulnerability from cvelistv5 – Published: 2026-04-04 13:51 – Updated: 2026-04-06 18:02- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/46385 | exploit |
| https://www.microsoft.com/store/productId/9NC1RLNH76PB | product |
| https://www.vulncheck.com/advisories/vsco-denial-… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25238",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T17:54:12.768476Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T18:02:54.326Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VSCO",
"vendor": "vsco",
"versions": [
{
"status": "affected",
"version": "1.1.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "0xB9"
}
],
"datePublic": "2018-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-04T19:59:50.254Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46385",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46385"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://www.microsoft.com/store/productId/9NC1RLNH76PB"
},
{
"name": "VulnCheck Advisory: VSCO 1.1.1.0 Denial of Service via Search",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/vsco-denial-of-service-via-search"
}
],
"title": "VSCO 1.1.1.0 Denial of Service via Search",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25238",
"datePublished": "2026-04-04T13:51:06.397Z",
"dateReserved": "2026-04-04T13:15:48.251Z",
"dateUpdated": "2026-04-06T18:02:54.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
GHSA-34CH-J427-VRM7
Vulnerability from github – Published: 2026-02-10 21:31 – Updated: 2026-02-10 21:31Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.
{
"affected": [],
"aliases": [
"CVE-2025-29948"
],
"database_specific": {
"cwe_ids": [
"CWE-1260"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-10T20:16:44Z",
"severity": "MODERATE"
},
"details": "Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.",
"id": "GHSA-34ch-j427-vrm7",
"modified": "2026-02-10T21:31:31Z",
"published": "2026-02-10T21:31:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29948"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-37WW-CVHX-X8P9
Vulnerability from github – Published: 2026-04-04 15:30 – Updated: 2026-04-04 21:30Microsoft Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash.
{
"affected": [],
"aliases": [
"CVE-2018-25240"
],
"database_specific": {
"cwe_ids": [
"CWE-1260"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-04T14:16:19Z",
"severity": "MODERATE"
},
"details": "Microsoft Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash.",
"id": "GHSA-37ww-cvhx-x8p9",
"modified": "2026-04-04T21:30:26Z",
"published": "2026-04-04T15:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25240"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/46194"
},
{
"type": "WEB",
"url": "https://www.microsoft.com/store/productId/9PN12GNX62VZ"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/microsoft-watchr-denial-of-service-via-search"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/watchr-denial-of-service-via-search"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-5427-6CG5-37H6
Vulnerability from github – Published: 2025-03-04 15:31 – Updated: 2025-11-03 21:33Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, and Firefox ESR < 128.8.
{
"affected": [],
"aliases": [
"CVE-2025-1937"
],
"database_specific": {
"cwe_ids": [
"CWE-1260"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-04T14:15:38Z",
"severity": "HIGH"
},
"details": "Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 136, Firefox ESR \u003c 115.21, and Firefox ESR \u003c 128.8.",
"id": "GHSA-5427-6cg5-37h6",
"modified": "2025-11-03T21:33:04Z",
"published": "2025-03-04T15:31:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1937"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00006.html"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-14"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-15"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-16"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-17"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-18"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/03/10/6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8M9X-GFWW-F5VW
Vulnerability from github – Published: 2026-03-21 15:33 – Updated: 2026-03-21 15:33RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash.
{
"affected": [],
"aliases": [
"CVE-2019-25570"
],
"database_specific": {
"cwe_ids": [
"CWE-1260"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-21T13:16:20Z",
"severity": "MODERATE"
},
"details": "RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash.",
"id": "GHSA-8m9x-gfww-f5vw",
"modified": "2026-03-21T15:33:24Z",
"published": "2026-03-21T15:33:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25570"
},
{
"type": "WEB",
"url": "https://realterm.sourceforge.io"
},
{
"type": "WEB",
"url": "https://sourceforge.net/projects/realterm/files"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/46390"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/realterm-serial-terminal-denial-of-service-via-port-field"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CPMC-G47Q-X324
Vulnerability from github – Published: 2022-05-24 16:53 – Updated: 2024-08-01 15:31An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1159.
{
"affected": [],
"aliases": [
"CVE-2019-1164"
],
"database_specific": {
"cwe_ids": [
"CWE-1260"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-14T21:15:00Z",
"severity": "HIGH"
},
"details": "An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka \u0027Windows Kernel Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-1159.",
"id": "GHSA-cpmc-g47q-x324",
"modified": "2024-08-01T15:31:14Z",
"published": "2022-05-24T16:53:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1164"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1164"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQG2-35MM-6458
Vulnerability from github – Published: 2026-03-21 15:33 – Updated: 2026-03-21 15:33NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.
{
"affected": [],
"aliases": [
"CVE-2019-25572"
],
"database_specific": {
"cwe_ids": [
"CWE-1260"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-21T13:16:21Z",
"severity": "MODERATE"
},
"details": "NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.",
"id": "GHSA-cqg2-35mm-6458",
"modified": "2026-03-21T15:33:24Z",
"published": "2026-03-21T15:33:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25572"
},
{
"type": "WEB",
"url": "https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe"
},
{
"type": "WEB",
"url": "https://nordvpn.com"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/46343"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/nordvpn-denial-of-service-via-email-field-buffer-overflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-G8W3-F2WW-WPCC
Vulnerability from github – Published: 2026-04-04 15:30 – Updated: 2026-04-04 21:30Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash.
{
"affected": [],
"aliases": [
"CVE-2018-25238"
],
"database_specific": {
"cwe_ids": [
"CWE-1260"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-04T14:16:19Z",
"severity": "MODERATE"
},
"details": "Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash.",
"id": "GHSA-g8w3-f2ww-wpcc",
"modified": "2026-04-04T21:30:26Z",
"published": "2026-04-04T15:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25238"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/46385"
},
{
"type": "WEB",
"url": "https://www.microsoft.com/store/productId/9NC1RLNH76PB"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/microsoft-vsco-denial-of-service-via-search"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/vsco-denial-of-service-via-search"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-HWV9-R628-99XX
Vulnerability from github – Published: 2026-03-22 15:31 – Updated: 2026-03-22 15:31GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash.
{
"affected": [],
"aliases": [
"CVE-2019-25602"
],
"database_specific": {
"cwe_ids": [
"CWE-1260"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-22T14:16:27Z",
"severity": "MODERATE"
},
"details": "GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash.",
"id": "GHSA-hwv9-r628-99xx",
"modified": "2026-03-22T15:31:28Z",
"published": "2026-03-22T15:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25602"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/47026"
},
{
"type": "WEB",
"url": "https://www.microsoft.com/store/productId/9NDTMZKLC693"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/gsearch-denial-of-service-via-search-input"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
Ensure that memory regions are isolated as intended and that access control (read/write) policies are used by hardware to protect privileged software.
Mitigation
- For all of the programmable memory protection regions, the memory protection unit (MPU) design can define a priority scheme.
- For example: if three memory regions can be programmed (Region_0, Region_1, and Region_2), the design can enforce a priority scheme, such that, if a system address is within multiple regions, then the region with the lowest ID takes priority and the access-control policy of that region will be applied. In some MPU designs, the priority scheme can also be programmed by trusted software.
- Hardware logic or trusted firmware can also check for region definitions and block programming of memory regions with overlapping addresses.
- The memory-access-control-check filter can also be designed to apply a policy filter to all of the overlapping ranges, i.e., if an address is within Region_0 and Region_1, then access to this address is only granted if both Region_0 and Region_1 policies allow the access.
CAPEC-456: Infected Memory
An adversary inserts malicious logic into memory enabling them to achieve a negative impact. This logic is often hidden from the user of the system and works behind the scenes to achieve negative impacts. This pattern of attack focuses on systems already fielded and used in operation as opposed to systems that are still under development and part of the supply chain.
CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections
An adversary takes advantage of missing or incorrectly configured access control within memory to read/write data or inject malicious code into said memory.