Common Vulnerabilities and Exposures (CVE)

CVE-2018-25243

Apr 4, 2026 19:59:54 UTC

FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 1900 characters into the ...

CVE-2018-25242

Apr 4, 2026 19:59:53 UTC

One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more charact...

CVE-2018-25241

Apr 4, 2026 19:59:52 UTC

VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of characters ...

CVE-2018-25240

Apr 4, 2026 19:59:51 UTC

Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the se...

CVE-2018-25239

Apr 4, 2026 19:59:50 UTC

Smart VPN 1.1.3.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the search interface. Attackers can paste a buffer of 2100 characters into the top right...

CVE-2018-25238

Apr 4, 2026 19:59:50 UTC

VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the...

CVE-2016-20061

Apr 4, 2026 19:59:49 UTC

sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can insert a malicious executable in the unquote...

CVE-2016-20060

Apr 4, 2026 19:59:48 UTC

Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path...

CVE-2016-20059

Apr 4, 2026 19:59:48 UTC

IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted se...

CVE-2016-20058

Apr 4, 2026 19:59:47 UTC

Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the...

CVE-2016-20057

Apr 4, 2026 19:59:46 UTC

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious exe...

CVE-2016-20056

Apr 4, 2026 19:59:45 UTC

Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth and SpyEmrgSrv services that allows local attackers to escalate privileges by inserting malicious executables. Attackers can place executable ...

CVE-2016-20055

Apr 4, 2026 19:59:44 UTC

IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the service path a...

CVE-2016-20054

Apr 4, 2026 19:59:44 UTC

Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/...

CVE-2016-20053

Apr 4, 2026 19:59:43 UTC

Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by tricking authenticated administrators into visiting malicious pages. Attackers can craft HTML...