{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25602", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-22T13:02:13.208Z", "datePublished": "2026-03-22T13:38:38.195Z", "dateUpdated": "2026-03-23T15:30:56.790Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-22T13:38:38.195Z"}, "datePublic": "2019-06-23T00:00:00.000Z", "title": "GSearch 1.0.1.0 Denial of Service via Search Input", "descriptions": [{"lang": "en", "value": "GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Handling of Overlap Between Protected Memory Ranges", "cweId": "CWE-1260", "type": "CWE"}]}], "affected": [{"vendor": "GSearch", "product": "GSearch", "versions": [{"version": "1.0.1.0", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/47026", "name": "ExploitDB-47026", "tags": ["exploit"]}, {"url": "https://www.microsoft.com/store/productId/9NDTMZKLC693", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: GSearch 1.0.1.0 Denial of Service via Search Input", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/gsearch-denial-of-service-via-search-input"}], "credits": [{"lang": "en", "value": "0xB9", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T15:30:48.802134Z", "id": "CVE-2019-25602", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T15:30:56.790Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "GSearch 1.0.1.0 Denial of Service via Search Input", "credits": [{"lang": "en", "type": "finder", "value": "0xB9"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.8, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "GSearch", "product": "GSearch", "versions": [{"status": "affected", "version": "1.0.1.0"}]}], "datePublic": "2019-06-23T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/47026", "name": "ExploitDB-47026", "tags": ["exploit"]}, {"url": "https://www.microsoft.com/store/productId/9NDTMZKLC693", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/gsearch-denial-of-service-via-search-input", "name": "VulnCheck Advisory: GSearch 1.0.1.0 Denial of Service via Search Input", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1260", "description": "Improper Handling of Overlap Between Protected Memory Ranges"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-22T13:38:38.195Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25602", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-23T15:30:48.802134Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-23T15:30:52.536Z"}}]}, "cveMetadata": {"cveId": "CVE-2019-25602", "state": "PUBLISHED", "dateUpdated": "2026-03-22T13:38:38.195Z", "dateReserved": "2026-03-22T13:02:13.208Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-22T13:38:38.195Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash."}, {"lang": "es", "value": "GSearch 1.0.1.0 contiene una vulnerabilidad de denegaci\u00f3n de servicio que permite a atacantes locales bloquear la aplicaci\u00f3n al introducir una cadena excesivamente larga en la barra de b\u00fasqueda. Los atacantes pueden pegar un b\u00fafer de 2000 caracteres en el campo de b\u00fasqueda, hacer clic en buscar, y seleccionar cualquier resultado para provocar un bloqueo de la aplicaci\u00f3n."}], "id": "CVE-2019-25602", "lastModified": "2026-04-16T16:19:50.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-22T14:16:27.710", "references": [{"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/47026"}, {"source": "disclosure@vulncheck.com", "url": "https://www.microsoft.com/store/productId/9NDTMZKLC693"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/gsearch-denial-of-service-via-search-input"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1260"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0.1.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "gsearch", "vendor": "gsearch"}], "analysis": {"en": {"generated_at": "2026-03-22T15:35:31.265770+00:00", "value": {"mitigation_remediation": ["Apply the latest available patch for GSearch.", "If no patch exists, limit the length of the search input or disable the search feature to prevent crashes.", "Restart the application after implementing any mitigation measures."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Affected product is GSearch version 1.0.1.0. No other versions or vendors are indicated to be vulnerable, and the CNA vendor list lists only GSearch. Only local users with access to the application can trigger the issue.", "description_and_impact": "GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters, click search, and select any result to trigger a crash. The vulnerability does not lead to data disclosure or modification; it purely causes the application to terminate.", "risk_and_exploitability": "The CVSS score is 6.8, indicating moderate severity. Exploitation requires local access and does not involve remote code execution or privilege escalation. EPSS score is not available, and the vulnerability is not in KEV. Attackers can trigger the crash by using the search field, but no confidentiality, integrity, or remote execution impact is present. Immediate patching is recommended due to moderate score and ease of exploitation."}}}}, "created": "2026-03-23T09:46:17.449691+00:00", "updated": "2026-03-25T14:46:14.842111+00:00", "vendors": ["gsearch", "gsearch$PRODUCT$gsearch"]}