Spotauditor

spotauditor

Vendor: Nsasoft • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-25666 1Nsasoft 1Spotauditor Apr 20, 2026 Apr 5, 2026 6.9 MEDIUM· v4 5.5 MEDIUM· v3 N/A· v2 SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decode...Show more SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition.Show less
CVE-2019-25596 1Nsasoft 1Spotauditor Mar 23, 2026 Mar 22, 2026 6.9 MEDIUM· v4 6.2 MEDIUM· v3 N/A· v2 SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste...Show more SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 repeated characters into the Name input during registration to trigger an application crash.Show less
CVE-2019-25434 1Nsasoft 1Spotauditor Mar 5, 2026 Feb 20, 2026 6.7 MEDIUM· v4 7.5 HIGH· v3 N/A· v2 SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large strin...Show more SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name field during registration to trigger an unhandled exception that crashes the application.Show less
CVE-2019-25340 1Nsasoft 1Spotauditor Feb 20, 2026 Feb 12, 2026 6.7 MEDIUM· v4 7.5 HIGH· v3 N/A· v2 SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file...Show more SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted into the Base64 Encrypted Password field.Show less
CVE-2019-25336 1Nsasoft 1Spotauditor Feb 20, 2026 Feb 12, 2026 8.4 HIGH· v4 7.8 HIGH· v3 N/A· v2 SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially c...Show more SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler (SEH) overwrite and execute shellcode on the vulnerable system.Show less
CVE-2021-27722 1Nsasoft 1Spotauditor Nov 21, 2024 Nov 2, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the "Key" or "Name" field while registering.