Skip to main content

CWE-1260

Improper Handling of Overlap Between Protected Memory Ranges

14 CVEs Avg CVSS 7.1 MITRE
1
CRITICAL
3
HIGH
8
MEDIUM
0
LOW
9
POC
0
KEV

Monthly

CVE-2018-25240 MEDIUM POC This Month

Microsoft Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Microsoft
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25238 MEDIUM POC This Month

Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Microsoft
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2019-25602 MEDIUM POC This Month

GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Gsearch
NVD Exploit-DB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2019-25592 MEDIUM POC This Month

PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Phprunner
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2019-25585 PyPI MEDIUM POC This Month

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Deluge
NVD Exploit-DB VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2019-25572 MEDIUM POC This Month

NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Nordvpn
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2019-25570 MEDIUM POC This Month

RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Realterm
NVD Exploit-DB VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2019-25559 MEDIUM POC This Month

SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Spotpaltalk
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2025-29948 Monitor

Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.

Authentication Bypass
NVD
EPSS
0.0%
CVE-2025-0012 Monitor

Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality.

Information Disclosure
NVD
EPSS
0.0%
EPSS 0% CVSS 6.9
MEDIUM POC This Month

Microsoft Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Microsoft
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Microsoft
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.8
MEDIUM POC This Month

GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Gsearch
NVD Exploit-DB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Phprunner
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.2
MEDIUM POC This Month

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Deluge
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Nordvpn
NVD Exploit-DB VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Realterm
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.8
MEDIUM POC This Month

SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Spotpaltalk
NVD Exploit-DB VulDB
EPSS 0%
Monitor

Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.

Authentication Bypass
NVD
EPSS 0%
Monitor

Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality.

Information Disclosure
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy