VYPR

Vendor CVEs

Nsasoft

All CVEs

22 total · sorted by risk
  • CVE-2018-25213HigMar 26, 2026
    risk 0.55cvss 8.4epss 0.00

    Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode…

  • CVE-2020-37130HigFeb 5, 2026
    risk 0.49cvss 7.5epss 0.00

    Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 bytes of repeated characters to trigger an application crash when pasted into the…

  • CVE-2021-47815HigJan 16, 2026
    risk 0.49cvss 7.5epss 0.00

    Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash.

  • CVE-2019-25712MedApr 12, 2026
    risk 0.40cvss 6.2epss 0.00

    BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Attackers can trigger a denial of service by entering a 256-byte buffer of repeated characters in…

  • CVE-2019-25711MedApr 12, 2026
    risk 0.40cvss 6.2epss 0.00

    SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Attackers can generate a 256-byte payload, paste it into the Name input field,…

  • CVE-2019-25666MedApr 5, 2026
    risk 0.40cvss 6.2epss 0.00

    SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition.

  • CVE-2019-25597MedMar 22, 2026
    risk 0.40cvss 6.2epss 0.00

    NSauditor 3.1.2.0 contains a buffer overflow vulnerability in the SNMP Auditor Community field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a large payload into the Community field and trigger the Walk function…

  • CVE-2019-25559MedMar 21, 2026
    risk 0.36cvss 5.5epss 0.00

    SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during…

  • CVE-2019-25596Mar 22, 2026
    risk 0.00cvss epss 0.00

    SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 repeated characters into the Name input…

  • CVE-2019-25434Feb 20, 2026
    risk 0.00cvss epss 0.00

    SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name field…

  • CVE-2019-25340Feb 12, 2026
    risk 0.00cvss epss 0.00

    SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application…

  • CVE-2019-25336Feb 12, 2026
    risk 0.00cvss epss 0.00

    SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured…

  • CVE-2020-37212Feb 11, 2026
    risk 0.00cvss epss 0.00

    SpotMSN 2.4.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

  • CVE-2020-37211Feb 11, 2026
    risk 0.00cvss epss 0.00

    SpotIM 2.2 contains a denial of service vulnerability that allows attackers to crash the application by inputting a large buffer in the registration name field. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

  • CVE-2020-37210Feb 11, 2026
    risk 0.00cvss epss 0.00

    SpotIE 2.9.5 contains a denial of service vulnerability in the registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

  • CVE-2020-37209Feb 11, 2026
    risk 0.00cvss epss 0.00

    SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

  • CVE-2020-37208Feb 11, 2026
    risk 0.00cvss epss 0.00

    SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash and denial of service.

  • CVE-2020-37199Feb 11, 2026
    risk 0.00cvss epss 0.01

    NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

  • CVE-2020-37119Feb 5, 2026
    risk 0.00cvss epss 0.01

    Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute…

  • CVE-2021-47895Jan 23, 2026
    risk 0.00cvss epss 0.00

    Nsauditor 3.2.2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Event Description field with a large buffer. Attackers can generate a 10,000-character 'U' buffer and paste it into the Event Description field to…

  • CVE-2024-1184Feb 2, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in Nsasoft Network Sleuth 3.0.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Registration Handler. The manipulation leads to denial of service. It is possible to launch the attack on the…

  • CVE-2021-27722Nov 2, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the "Key" or "Name" field while registering.