Filtered by vendor Top Password Software
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-37190 | 1 Top Password Software | 1 Top Password Firefox Password Recovery | 2026-02-12 | 7.5 High |
| Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields. | ||||
| CVE-2020-37191 | 1 Top Password Software | 1 Top Password Software Dialup Password Recovery | 2026-02-12 | 7.5 High |
| Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting a large 5000-character payload into the User Name and Registration Code input fields. | ||||
| CVE-2020-37192 | 1 Top Password Software | 1 Msn Password Recovery | 2026-02-12 | 6.2 Medium |
| MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab by injecting a malicious XML file that references external entities to retrieve sensitive system configuration information. | ||||
| CVE-2020-37193 | 1 Top Password Software | 1 Zip Password Recovery | 2026-02-12 | 7.5 High |
| ZIP Password Recovery 2.30 contains a denial of service vulnerability that allows attackers to crash the application by providing maliciously crafted input. Attackers can create a specially prepared text file with specific characters to trigger an application crash when selecting a ZIP file. | ||||
| CVE-2020-37215 | 1 Top Password Software | 1 Msn Password Recovery | 2026-02-12 | 7.5 High |
| MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized input in the registration code field. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the 'User Name and Registration Code' field to trigger an application crash. | ||||
Page 1 of 1.