VYPR

Spotauditor

by Nsasoft

CVEs (6)

  • CVE-2019-25666MedApr 5, 2026
    risk 0.40cvss 6.2epss 0.00

    SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition.

  • CVE-2019-25596Mar 22, 2026
    risk 0.00cvss epss 0.00

    SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 repeated characters into the Name input…

  • CVE-2019-25434Feb 20, 2026
    risk 0.00cvss epss 0.00

    SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name field…

  • CVE-2019-25340Feb 12, 2026
    risk 0.00cvss epss 0.00

    SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application…

  • CVE-2019-25336Feb 12, 2026
    risk 0.00cvss epss 0.00

    SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured…

  • CVE-2021-27722Nov 2, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the "Key" or "Name" field while registering.