CWE-1260
Improper Handling of Overlap Between Protected Memory Ranges
The product allows address regions to overlap, which can result in the bypassing of intended memory protection.
CVE-2018-25238 (GCVE-0-2018-25238)
Vulnerability from cvelistv5 – Published: 2026-04-04 13:51 – Updated: 2026-04-06 18:02
VLAI?
Title
VSCO 1.1.1.0 Denial of Service via Search
Summary
VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash.
Severity ?
6.2 (Medium)
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Date Public ?
2018-02-14 00:00
Credits
0xB9
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25238",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T17:54:12.768476Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T18:02:54.326Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VSCO",
"vendor": "vsco",
"versions": [
{
"status": "affected",
"version": "1.1.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "0xB9"
}
],
"datePublic": "2018-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-04T19:59:50.254Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46385",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46385"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://www.microsoft.com/store/productId/9NC1RLNH76PB"
},
{
"name": "VulnCheck Advisory: VSCO 1.1.1.0 Denial of Service via Search",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/vsco-denial-of-service-via-search"
}
],
"title": "VSCO 1.1.1.0 Denial of Service via Search",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25238",
"datePublished": "2026-04-04T13:51:06.397Z",
"dateReserved": "2026-04-04T13:15:48.251Z",
"dateUpdated": "2026-04-06T18:02:54.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25240 (GCVE-0-2018-25240)
Vulnerability from cvelistv5 – Published: 2026-04-04 13:51 – Updated: 2026-04-06 19:05
VLAI?
Title
Watchr 1.1.0.0 Denial of Service via Search
Summary
Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash.
Severity ?
6.2 (Medium)
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Date Public ?
2018-01-18 00:00
Credits
0xB9
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25240",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T19:02:53.925832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T19:05:28.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Watchr",
"vendor": "Watchr",
"versions": [
{
"status": "affected",
"version": "1.1.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "0xB9"
}
],
"datePublic": "2018-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-04T19:59:51.833Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46194",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46194"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://www.microsoft.com/store/productId/9PN12GNX62VZ"
},
{
"name": "VulnCheck Advisory: Watchr 1.1.0.0 Denial of Service via Search",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/watchr-denial-of-service-via-search"
}
],
"title": "Watchr 1.1.0.0 Denial of Service via Search",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25240",
"datePublished": "2026-04-04T13:51:07.827Z",
"dateReserved": "2026-04-04T13:16:34.636Z",
"dateUpdated": "2026-04-06T19:05:28.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2019-25559 (GCVE-0-2019-25559)
Vulnerability from cvelistv5 – Published: 2026-03-21 12:47 – Updated: 2026-03-23 16:23
VLAI?
Title
SpotPaltalk 1.1.5 Name/Key Field Denial of Service
Summary
SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a crash when the OK button is clicked.
Severity ?
5.5 (Medium)
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Nsauditor | SpotPaltalk |
Affected:
1.1.5
|
Date Public ?
2019-05-10 00:00
Credits
Alejandra Sánchez
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25559",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T16:23:02.402539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T16:23:09.891Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SpotPaltalk",
"vendor": "Nsauditor",
"versions": [
{
"status": "affected",
"version": "1.1.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alejandra S\u00e1nchez"
}
],
"datePublic": "2019-05-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a crash when the OK button is clicked."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-21T12:47:00.586Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46822",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46822"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://www.nsauditor.com"
},
{
"name": "VulnCheck Advisory: SpotPaltalk 1.1.5 Name/Key Field Denial of Service",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/spotpaltalk-name-key-field-denial-of-service"
}
],
"title": "SpotPaltalk 1.1.5 Name/Key Field Denial of Service",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2019-25559",
"datePublished": "2026-03-21T12:47:00.586Z",
"dateReserved": "2026-03-21T12:29:55.973Z",
"dateUpdated": "2026-03-23T16:23:09.891Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2019-25570 (GCVE-0-2019-25570)
Vulnerability from cvelistv5 – Published: 2026-03-21 12:47 – Updated: 2026-03-24 15:15
VLAI?
Title
RealTerm Serial Terminal 2.0.0.70 Denial of Service via Port Field
Summary
RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash.
Severity ?
5.5 (Medium)
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Realterm | RealTerm: Serial Terminal |
Affected:
2.0.0.70
|
Date Public ?
2019-02-18 00:00
Credits
Alejandra Sánchez
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25570",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-24T14:01:21.686997Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T15:15:17.526Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RealTerm: Serial Terminal",
"vendor": "Realterm",
"versions": [
{
"status": "affected",
"version": "2.0.0.70"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alejandra S\u00e1nchez"
}
],
"datePublic": "2019-02-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-21T12:47:10.060Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46390",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46390"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://realterm.sourceforge.io/"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://sourceforge.net/projects/realterm/files/"
},
{
"name": "VulnCheck Advisory: RealTerm Serial Terminal 2.0.0.70 Denial of Service via Port Field",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/realterm-serial-terminal-denial-of-service-via-port-field"
}
],
"title": "RealTerm Serial Terminal 2.0.0.70 Denial of Service via Port Field",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2019-25570",
"datePublished": "2026-03-21T12:47:10.060Z",
"dateReserved": "2026-03-21T12:36:58.050Z",
"dateUpdated": "2026-03-24T15:15:17.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2019-25572 (GCVE-0-2019-25572)
Vulnerability from cvelistv5 – Published: 2026-03-21 12:47 – Updated: 2026-03-23 15:38
VLAI?
Title
NordVPN 6.19.6 Denial of Service via Email Field Buffer Overflow
Summary
NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.
Severity ?
6.2 (Medium)
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2019-02-11 00:00
Credits
Alejandra Sánchez
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25572",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T15:37:57.295161Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:38:06.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NordVPN",
"vendor": "Nordvpn",
"versions": [
{
"status": "affected",
"version": "6.19.6"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nordvpn:nordvpn:6.19.6:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nordvpn:nordvpn:3.3.10:*:*:*:*:macos:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nordvpn:nordvpn:6.12.7.0:*:*:*:*:windows:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nordvpn:nordvpn:6.14.28.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alejandra S\u00e1nchez"
}
],
"datePublic": "2019-02-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-21T12:47:11.466Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46343",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46343"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://nordvpn.com/"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe"
},
{
"name": "VulnCheck Advisory: NordVPN 6.19.6 Denial of Service via Email Field Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/nordvpn-denial-of-service-via-email-field-buffer-overflow"
}
],
"title": "NordVPN 6.19.6 Denial of Service via Email Field Buffer Overflow",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2019-25572",
"datePublished": "2026-03-21T12:47:11.466Z",
"dateReserved": "2026-03-21T12:40:32.843Z",
"dateUpdated": "2026-03-23T15:38:06.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2019-25585 (GCVE-0-2019-25585)
Vulnerability from cvelistv5 – Published: 2026-03-22 00:11 – Updated: 2026-03-24 14:29
VLAI?
Title
Deluge 1.3.15 Denial of Service via Webseeds Field
Summary
Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash.
Severity ?
6.2 (Medium)
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2019-05-21 00:00
Credits
Victor Mondragón
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25585",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-24T14:28:01.440413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T14:29:22.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Deluge",
"vendor": "Dev",
"versions": [
{
"status": "affected",
"version": "1.3.15"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:deluge-torrent:deluge:1.3.15:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Victor Mondrag\u00f3n"
}
],
"datePublic": "2019-05-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-22T00:15:28.712Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46884",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46884"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://dev.deluge-torrent.org/"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "http://download.deluge-torrent.org/windows/deluge-1.3.15-win32-py2.7.exe"
},
{
"name": "VulnCheck Advisory: Deluge 1.3.15 Denial of Service via Webseeds Field",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/deluge-denial-of-service-via-webseeds-field"
}
],
"title": "Deluge 1.3.15 Denial of Service via Webseeds Field",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2019-25585",
"datePublished": "2026-03-22T00:11:07.399Z",
"dateReserved": "2026-03-21T16:45:51.670Z",
"dateUpdated": "2026-03-24T14:29:22.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2019-25592 (GCVE-0-2019-25592)
Vulnerability from cvelistv5 – Published: 2026-03-22 13:38 – Updated: 2026-03-23 16:04
VLAI?
Title
PHPRunner 10.1 Denial of Service via Dashboard Name Field
Summary
PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Attackers can paste a buffer of 10000 characters into the Name field during dashboard creation to trigger an application crash.
Severity ?
6.2 (Medium)
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2019-05-09 00:00
Credits
Victor Mondragón
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25592",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T16:03:58.187582Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T16:04:17.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PHPRunner",
"vendor": "Xlinesoft",
"versions": [
{
"status": "affected",
"version": "10.1"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xlinesoft:phprunner:10.1:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xlinesoft:phprunner:4.2:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xlinesoft:phprunner:-:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Victor Mondrag\u00f3n"
}
],
"datePublic": "2019-05-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Attackers can paste a buffer of 10000 characters into the Name field during dashboard creation to trigger an application crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-22T13:38:30.411Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46824",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46824"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://xlinesoft.com/"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://xlinesoft.com/phprunner/download.htm"
},
{
"name": "VulnCheck Advisory: PHPRunner 10.1 Denial of Service via Dashboard Name Field",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/phprunner-denial-of-service-via-dashboard-name-field"
}
],
"title": "PHPRunner 10.1 Denial of Service via Dashboard Name Field",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2019-25592",
"datePublished": "2026-03-22T13:38:30.411Z",
"dateReserved": "2026-03-22T12:53:14.849Z",
"dateUpdated": "2026-03-23T16:04:17.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2019-25602 (GCVE-0-2019-25602)
Vulnerability from cvelistv5 – Published: 2026-03-22 13:38 – Updated: 2026-03-23 15:30
VLAI?
Title
GSearch 1.0.1.0 Denial of Service via Search Input
Summary
GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash.
Severity ?
5.5 (Medium)
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Date Public ?
2019-06-23 00:00
Credits
0xB9
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25602",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T15:30:48.802134Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:30:56.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "GSearch",
"vendor": "GSearch",
"versions": [
{
"status": "affected",
"version": "1.0.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "0xB9"
}
],
"datePublic": "2019-06-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-22T13:38:38.195Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-47026",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/47026"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://www.microsoft.com/store/productId/9NDTMZKLC693"
},
{
"name": "VulnCheck Advisory: GSearch 1.0.1.0 Denial of Service via Search Input",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/gsearch-denial-of-service-via-search-input"
}
],
"title": "GSearch 1.0.1.0 Denial of Service via Search Input",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2019-25602",
"datePublished": "2026-03-22T13:38:38.195Z",
"dateReserved": "2026-03-22T13:02:13.208Z",
"dateUpdated": "2026-03-23T15:30:56.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-27813 (GCVE-0-2022-27813)
Vulnerability from cvelistv5 – Published: 2023-10-19 09:34 – Updated: 2024-08-03 05:33
VLAI?
Title
Unconfigured memory protection modules in Motorola MTM5000
Summary
Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions.
Severity ?
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Motorola | Mobile Radio |
Affected:
MTM5000
|
Credits
Midnight Blue
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27813",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T15:42:18.505018Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T13:32:53.489Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:33:00.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related",
"x_transferred"
],
"url": "https://tetraburst.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Mobile Radio",
"vendor": "Motorola",
"versions": [
{
"status": "affected",
"version": "MTM5000"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Midnight Blue"
}
],
"descriptions": [
{
"lang": "en",
"value": "Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H/E:F/RL:U/RC:C/CR:X/IR:X/AR:X/MAV:L/MAC:L/MPR:H/MUI:N/MS:C/MC:L/MI:H/MA:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T00:27:54.327Z",
"orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"shortName": "NCSC-NL"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related"
],
"url": "https://tetraburst.com/"
}
],
"title": "Unconfigured memory protection modules in Motorola MTM5000"
}
},
"cveMetadata": {
"assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"assignerShortName": "NCSC-NL",
"cveId": "CVE-2022-27813",
"datePublished": "2023-10-19T09:34:44.148Z",
"dateReserved": "2022-03-24T03:04:57.475Z",
"dateUpdated": "2024-08-03T05:33:00.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0012 (GCVE-0-2025-0012)
Vulnerability from cvelistv5 – Published: 2026-02-10 19:12 – Updated: 2026-02-10 20:57
VLAI?
Summary
Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality.
Severity ?
CWE
- CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD EPYC™ 9005 Series Processors |
Unaffected:
0x0B002147
|
|||||||
|
|||||||||
Date Public ?
2026-02-10 19:05
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0012",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T20:55:55.258601Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T20:57:16.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "0x0B002147"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbTurinPI-SP5_1.0.0.0"
}
]
}
],
"datePublic": "2026-02-10T19:05:57.961Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality.\u003cbr\u003e"
}
],
"value": "Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1260",
"description": "CWE-1260 Improper Handling of Overlap Between Protected Memory Ranges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T19:12:24.892Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-0012",
"datePublished": "2026-02-10T19:12:24.892Z",
"dateReserved": "2024-10-10T20:27:48.525Z",
"dateUpdated": "2026-02-10T20:57:16.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Ensure that memory regions are isolated as intended and that access control (read/write) policies are used by hardware to protect privileged software.
Mitigation
Phase: Implementation
Description:
- For all of the programmable memory protection regions, the memory protection unit (MPU) design can define a priority scheme.
- For example: if three memory regions can be programmed (Region_0, Region_1, and Region_2), the design can enforce a priority scheme, such that, if a system address is within multiple regions, then the region with the lowest ID takes priority and the access-control policy of that region will be applied. In some MPU designs, the priority scheme can also be programmed by trusted software.
- Hardware logic or trusted firmware can also check for region definitions and block programming of memory regions with overlapping addresses.
- The memory-access-control-check filter can also be designed to apply a policy filter to all of the overlapping ranges, i.e., if an address is within Region_0 and Region_1, then access to this address is only granted if both Region_0 and Region_1 policies allow the access.
CAPEC-456: Infected Memory
An adversary inserts malicious logic into memory enabling them to achieve a negative impact. This logic is often hidden from the user of the system and works behind the scenes to achieve negative impacts. This pattern of attack focuses on systems already fielded and used in operation as opposed to systems that are still under development and part of the supply chain.
CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections
An adversary takes advantage of missing or incorrectly configured access control within memory to read/write data or inject malicious code into said memory.