Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-11339 | 1 Dlink | 2 Di-7100g C1, Di-7100g C1 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-11408 | 1 Dlink | 2 Di-7001mini-8g, Di-7001mini-8g Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
|
A security vulnerability has been detected in D-Link DI-7001 MINI 24.04.18B1. The affected element is an unknown function of the file /dbsrv.asp. Such manipulation of the argument str leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2025-13258 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.
|
|||||
| CVE-2025-13288 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
|
A security vulnerability has been detected in Tenda CH22 1.0.0.1. This impacts the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2018-25125 | 2025-11-18 | N/A | N/A | ||
|
Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument causes the service, and in practice the router, to crash or become unresponsive, resulting in a loss of availability for the device and connected users.
|
|||||
| CVE-2025-32089 | 2025-11-18 | N/A | 8.8 HIGH | ||
|
A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this vulnerability.
|
|||||
| CVE-2025-36553 | 2025-11-18 | N/A | 8.8 HIGH | ||
|
A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability.
|
|||||
| CVE-2025-37891 | 1 Linux | 1 Linux Kernel | 2025-11-17 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: ump: Fix buffer overflow at UMP SysEx message conversion
The conversion function from MIDI 1.0 to UMP packet contains an
internal buffer to keep the incoming MIDI bytes, and its size is 4, as
it was supposed to be the max size for a MIDI1 UMP packet data.
However, the implementation overlooked that SysEx is handled in a
different format, and it can be up to 6 bytes, as found in
do_convert_to_ump(). It leads eventually t ...
Show More |
|||||
| CVE-2025-37939 | 1 Linux | 1 Linux Kernel | 2025-11-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
libbpf: Fix accessing BTF.ext core_relo header
Update btf_ext_parse_info() to ensure the core_relo header is present
before reading its fields. This avoids a potential buffer read overflow
reported by the OSS Fuzz project.
|
|||||
| CVE-2025-10942 | 2025-11-14 | 9.0 HIGH | 8.8 HIGH | ||
|
A vulnerability was identified in H3C Magic B3 up to 100R002. This affects the function AddMacList/EditMacList of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-6634 | 1 Autodesk | 1 3ds Max | 2025-11-13 | N/A | 7.8 HIGH |
|
A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
|
|||||
| CVE-2025-12440 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-11-13 | N/A | 5.3 MEDIUM |
|
Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
|
|||||
| CVE-2025-40815 | 2025-11-12 | N/A | 7.2 HIGH | ||
|
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA2) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA2) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA2) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA2) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA2) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA2) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA2) (All versions), ...
Show More |
|||||
| CVE-2025-23412 | 1 F5 | 1 Big-ip Access Policy Manager | 2025-11-12 | N/A | 7.5 HIGH |
|
When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause TMM to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
|||||
| CVE-2020-15069 | 1 Sophos | 2 Xg Firewall, Xg Firewall Firmware | 2025-11-07 | 7.5 HIGH | 9.8 CRITICAL |
|
Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x.
|
|||||
| CVE-2018-6789 | 3 Canonical, Debian, Exim | 3 Ubuntu Linux, Debian Linux, Exim | 2025-11-07 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
|
|||||
| CVE-2025-33131 | 3 Ibm, Linux, Microsoft | 5 Aix, Db2 High Performance Unload Load, Linux On Ibm Z and 2 more | 2025-11-06 | N/A | 6.5 MEDIUM |
|
IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, and 5.1 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack.
|
|||||
| CVE-2023-41064 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-11-06 | N/A | 7.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
|
|||||
| CVE-2025-47341 | 1 Qualcomm | 62 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 59 more | 2025-11-05 | N/A | 7.8 HIGH |
|
memory corruption while processing an image encoding completion event.
|
|||||
| CVE-2025-12611 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was identified in Tenda AC21 16.03.08.16. This vulnerability affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIp leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
|
|||||
| CVE-2025-12596 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentControlInfo. Such manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2025-12622 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
|
|||||
| CVE-2025-12619 | 1 Tenda | 2 A15, A15 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was found in Tenda A15 15.13.07.13. Affected is the function fromSetWirelessRepeat of the file /goform/openNetworkGateway. The manipulation of the argument wpapsk_crypto2_4g results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.
|
|||||
| CVE-2025-12618 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-48386 | 2025-11-04 | N/A | 6.3 MEDIUM | ||
|
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer (target) as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending to it with wcsncat(), leading to potential buffer overflows. This vulnerability is fixed i ...
Show More |
|||||
| CVE-2025-25474 | 2 Debian, Offis | 2 Debian Linux, Dcmtk | 2025-11-04 | N/A | 6.5 MEDIUM |
|
DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h.
|
|||||
| CVE-2025-25472 | 2 Debian, Offis | 2 Debian Linux, Dcmtk | 2025-11-04 | N/A | 5.3 MEDIUM |
|
A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file.
|
|||||
| CVE-2025-1372 | 1 Elfutils Project | 1 Elfutils | 2025-11-04 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix ...
Show More |
|||||
| CVE-2023-35056 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2025-11-04 | N/A | 8.8 HIGH |
|
A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the cgi_handler function.
|
|||||
| CVE-2023-35055 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2025-11-04 | N/A | 8.8 HIGH |
|
A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the gozila_cgi function.
|
|||||
| CVE-2023-27935 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 8.8 HIGH |
|
The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected app termination or arbitrary code execution.
|
|||||
| CVE-2023-27934 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 8.8 HIGH |
|
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution.
|
|||||
| CVE-2022-41030 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no wlan filter mac address WORD descript WORD' command template.
|
|||||
| CVE-2022-41029 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'wlan filter mac address WORD descript WORD' command template.
|
|||||
| CVE-2022-41028 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn schedule name1 WORD name2 WORD policy (failover|backup) description (WORD|null)' command template.
|
|||||
| CVE-2022-41027 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn schedule name1 WORD name2 WORD policy (failover|backup) description (WORD|null)' command template.
|
|||||
| CVE-2022-41026 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn pptp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> mppe (on|off) stateful (on|off) options WORD' command templat ...
Show More |
|||||
| CVE-2022-41025 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn pptp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> mppe (on|off) stateful (on|off) options WORD' command template.
|
|||||
| CVE-2022-41024 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn pptp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> mppe (on|off) stateful (on|off)' command template.
|
|||||
| CVE-2022-41023 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn pptp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> mppe (on|off) stateful (on|off)' command template.
|
|||||