Alejandra Sánchez

40 exploits Active since Mar 2026
CVE-2019-25559 EXPLOITDB MEDIUM python WORKING POC
SpotPaltalk 1.1.5 Name/Key Field Denial of Service
SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a crash when the OK button is clicked.
CVSS 5.5
CVE-2019-25558 EXPLOITDB MEDIUM python WORKING POC
Selfie Studio 2.17 Denial of Service via Resize Image
Selfie Studio 2.17 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a large string of characters into the New Width or New Height field to trigger a buffer overflow that crashes the application.
CVSS 6.2
CVE-2019-25557 EXPLOITDB MEDIUM python WORKING POC
TwistedBrush Pro Studio 24.06 Denial of Service via srp File
TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability that allows local attackers to crash the application by importing a malformed .srp script file. Attackers can create a .srp file containing an excessively large buffer and import it through the Script Player interface to trigger an application crash.
CVSS 6.2
CVE-2019-25556 EXPLOITDB MEDIUM python WORKING POC
TwistedBrush Pro Studio 24.06 Resize Image Denial of Service
TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a malicious string into the New Width or New Height field to trigger a buffer overflow that causes the application to crash.
CVSS 6.2
CVE-2019-25555 EXPLOITDB MEDIUM python WORKING POC
TwistedBrush Pro Studio 24.06 Script Recorder Denial of Service
TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder component that allows local attackers to crash the application by supplying an excessively large buffer. Attackers can paste a malicious string containing 500,000 characters into the Description field of the Script Recorder dialog to trigger an application crash.
CVSS 6.2
CVE-2019-25554 EXPLOITDB MEDIUM python WORKING POC
Tomabo MP4 Converter 3.25.22 Denial of Service via Name Field
Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset in the Video/Audio Formats options, causing the application to crash when Reset All is clicked.
CVSS 5.5
CVE-2019-25553 EXPLOITDB MEDIUM python WORKING POC
CEWE PHOTO IMPORTER 6.4.3 Denial of Service via Malformed Image
CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed JPG file with an oversized buffer and trigger the crash through the import functionality during the image processing workflow.
CVSS 6.2
CVE-2019-25552 EXPLOITDB HIGH python WORKING POC
CEWE PHOTO SHOW 6.4.3 Denial of Service via Password Field
CEWE PHOTO SHOW 6.4.3 contains a denial of service vulnerability that allows attackers to crash the application by submitting an excessively long buffer to the password field. Attackers can paste a large string of repeated characters into the password input during the upload process to trigger an application crash.
CVSS 7.5
CVE-2019-25551 EXPLOITDB MEDIUM python WORKING POC
Sandboxie 5.30 Denial of Service via Program Alerts Buffer Overflow
Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field during program alert configuration to trigger an application crash.
CVSS 6.2
CVE-2019-25550 EXPLOITDB MEDIUM python WORKING POC
Encrypt PDF 2.3 Denial of Service via Buffer Overflow
Encrypt PDF 2.3 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting excessively long strings into password fields. Attackers can paste a 1000-byte buffer into the User Password or Master Password field in the Settings dialog to trigger an application crash when importing PDF files.
CVSS 6.2
CVE-2019-25549 EXPLOITDB MEDIUM python WORKING POC
VeryPDF PCL Converter 2.7 Denial of Service via PDF Security
VeryPDF PCL Converter 2.7 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long password string. Attackers can trigger a buffer overflow by entering a 3000-byte password in the PDF Security encryption fields, causing the application to crash when processing PCL files.
CVSS 6.2
CVE-2019-25548 EXPLOITDB MEDIUM python WORKING POC
BlueStacks 4.80.0.1060 Denial of Service via Search Field
BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to the search field. Attackers can paste a buffer of 100,000 'A' characters into the search field and trigger a search operation to cause the application to crash.
CVSS 6.2
CVE-2019-25547 EXPLOITDB MEDIUM python WORKING POC
NetAware 1.20 Denial of Service via Add Block Buffer Overflow
NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash when removing the created block.
CVSS 6.2
CVE-2019-25546 EXPLOITDB MEDIUM python WORKING POC
NetAware 1.20 Share Name Denial of Service
NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new share through the Manage Shares interface.
CVSS 6.2
CVE-2019-25545 EXPLOITDB MEDIUM python WORKING POC
Terminal Services Manager 3.2.1 Local Buffer Overflow Denial of Service
Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during computer addition, causing a denial of service when the server entry is accessed.
CVSS 6.2
CVE-2019-25544 EXPLOITDB MEDIUM python WORKING POC
Pidgin 2.13.0 Denial of Service via Malformed Username
Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can input a buffer of 1000 characters in the username field and trigger a crash when joining a chat, causing the application to become unavailable.
CVSS 6.2
CVE-2019-25572 EXPLOITDB MEDIUM python WORKING POC
NordVPN 6.19.6 Denial of Service via Email Field Buffer Overflow
NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.
CVSS 6.2
CVE-2019-25571 EXPLOITDB MEDIUM python WORKING POC
MediaMonkey 4.1.23 Denial of Service via Malformed URL
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a URL, which causes the application to crash when the file is opened through the File > Open URL dialog.
CVSS 6.2
CVE-2019-25570 EXPLOITDB MEDIUM python WORKING POC
RealTerm Serial Terminal 2.0.0.70 Denial of Service via Port Field
RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash.
CVSS 5.5
CVE-2019-25569 EXPLOITDB MEDIUM python WORKING POC
RealTerm Serial Terminal 2.0.0.70 SEH Overflow Crash
RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allows local attackers to crash the application by triggering a structured exception handler (SEH) chain corruption. Attackers can craft a malicious input string with 268 bytes of padding followed by SEH overwrite values and paste it into the Port field to cause denial of service.
CVSS 6.2
CVE-2019-25568 EXPLOITDB CRITICAL text WORKING POC
Memu Play 6.0.7 Privilege Escalation via Insecure File Permissions
Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by replacing the MemuService.exe executable. Attackers can rename and overwrite MemuService.exe in the installation directory with a malicious executable, which executes with system-level privileges when the service restarts after a computer reboot.
CVSS 9.8
CVE-2019-25567 EXPLOITDB MEDIUM python WORKING POC
Valentina Studio 9.0.5 Linux Buffer Overflow via Host Field
Valentina Studio 9.0.5 Linux contains a buffer overflow vulnerability in the Host field of the connection dialog that allows local attackers to crash the application by supplying an oversized input string. Attackers can trigger the vulnerability by pasting a crafted buffer exceeding 264 bytes into the Host field during server connection attempts, causing a denial of service.
CVSS 6.2
CVE-2019-25566 EXPLOITDB MEDIUM python WORKING POC
TransMac 12.3 Denial of Service via Volume Name Field
TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during disk image creation, and trigger an application crash.
CVSS 6.2
CVE-2019-25565 EXPLOITDB MEDIUM python WORKING POC
Magic Iso Maker 5.5 Buffer Overflow Denial of Service
Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field during registration, and trigger a denial of service condition that crashes the application.
CVSS 6.2
CVE-2019-25564 EXPLOITDB MEDIUM python WORKING POC
PCHelpWareV2 1.0.0.5 Denial of Service via Group Field
PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Group field. Attackers can paste a buffer overflow payload into the Group property field and click Ok to trigger an application crash.
CVSS 5.5