Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-24731 | 1 Silabs | 1 Gecko Os | 2025-09-30 | N/A | 7.5 HIGH |
|
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the http_download command. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device.
|
|||||
| CVE-2024-23968 | 1 Chargepoint | 6 Home Flex Hardwired, Home Flex Hardwired Firmware, Home Flex Nema 14-50 Plug and 3 more | 2025-09-30 | N/A | 8.8 HIGH |
|
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the SrvrToSmSetAutoChnlListMsg function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the c ...
Show More |
|||||
| CVE-2024-23973 | 1 Silabs | 1 Gecko Os | 2025-09-30 | N/A | 8.8 HIGH |
|
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of HTTP GET requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device.
|
|||||
| CVE-2024-10559 | 1 Razormist | 1 Airport Booking Management System | 2025-09-30 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by this issue is the function Details. The manipulation of the argument passport/name leads to buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
|
|||||
| CVE-2024-7490 | 1 Microchip | 1 Advanced Software Framework | 2025-09-29 | N/A | 9.8 CRITICAL |
|
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.
This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option.
This issue affects Advanced Software Framework: through 3.52.0.2574.
ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.
|
|||||
| CVE-2025-36525 | 1 F5 | 1 Big-ip Access Policy Manager | 2025-09-29 | N/A | 7.5 HIGH |
|
When a BIG-IP APM virtual server is configured to use a PingAccess profile, undisclosed requests can cause TMM to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
|||||
| CVE-2025-10034 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2025-09-29 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat of the file ping6_response.cg of the component httpd. Performing manipulation of the argument ping6_ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
|
|||||
| CVE-2024-0762 | 2 Intel, Phoenixtech | 581 300, 300t, Atom X7211e and 578 more | 2025-09-29 | N/A | 7.5 HIGH |
|
Potential buffer overflow
in unsafe UEFI variable handling
in Phoenix SecureCore™ for select Intel platforms
This issue affects:
Phoenix
SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998;
Phoenix
SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562;
Phoenix
SecureCore™ for Intel Ice Lake: from 4.2.0.1 before 4.2.0.323;
Phoenix
SecureCore™ for Intel Comet Lake: from 4.2.1.1 before 4.2.1.287;
Phoenix
SecureCore™ for Intel Tiger Lake: from 4.3.0.1 b ...
Show More |
|||||
| CVE-2024-39750 | 1 Ibm | 1 Analytics Content Hub | 2025-09-29 | N/A | 8.8 HIGH |
|
IBM Analytics Content Hub 2.0 is vulnerable to a buffer overflow due to improper return length checking. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.
|
|||||
| CVE-2025-20149 | 2025-09-26 | N/A | 6.5 MEDIUM | ||
|
A vulnerability in the CLI of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to a buffer overflow. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the CLI prompt. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS co ...
Show More |
|||||
| CVE-2025-55611 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2025-09-26 | N/A | 7.5 HIGH |
|
D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formLanguageChange function via the nextPage parameter.
|
|||||
| CVE-2025-55606 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-09-26 | N/A | 7.5 HIGH |
|
Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the fromAdvSetMacMtuWan function via the serverName parameter.
|
|||||
| CVE-2025-55605 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-09-26 | N/A | 7.5 HIGH |
|
Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the saveParentControlInfo function via the deviceName parameter.
|
|||||
| CVE-2025-55603 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-09-26 | N/A | 7.5 HIGH |
|
Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the fromSetSysTime function via the ntpServer parameter.
|
|||||
| CVE-2025-55602 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2025-09-26 | N/A | 7.5 HIGH |
|
D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formSysCmd function via the submit-url parameter.
|
|||||
| CVE-2025-55599 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2025-09-26 | N/A | 7.5 HIGH |
|
D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formWlanSetup function via the parameter f_wds_wepKey.
|
|||||
| CVE-2025-9007 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-26 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formeditFileName of the file /goform/editFileName. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-9006 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-26 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was identified in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function formdelFileName of the file /goform/delFileName. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-8892 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2025-09-25 | N/A | 7.8 HIGH |
|
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
|
|||||
| CVE-2025-10815 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-09-25 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the function strcpy of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.
|
|||||
| CVE-2025-21476 | 1 Qualcomm | 84 Qca6391, Qca6391 Firmware, Qca6698aq and 81 more | 2025-09-25 | N/A | 7.8 HIGH |
|
Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.
|
|||||
| CVE-2025-21481 | 1 Qualcomm | 498 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 495 more | 2025-09-25 | N/A | 7.8 HIGH |
|
Memory corruption while performing private key encryption in trusted application.
|
|||||
| CVE-2025-25723 | 1 Gpac | 1 Gpac | 2025-09-25 | N/A | 8.4 HIGH |
|
Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code.
|
|||||
| CVE-2025-10803 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-09-24 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in Tenda AC23 up to 16.03.07.52. Affected by this vulnerability is the function sscanf of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2024-48984 | 1 Arm | 1 Mbed Os | 2025-09-24 | N/A | 9.8 CRITICAL |
|
An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software dynamically determines the length of a list of reports by reading a byte from an input stream. It then fetches the length of the first report, uses it to calculate the beginning of the second report, etc. In doing this, it tracks the largest report so it can later allocate a buffer that fits every individual report (but only one at a time). It does not, however, validate that these addresses are all con ...
Show More |
|||||
| CVE-2025-9390 | 1 Vim | 1 Vim | 2025-09-24 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.
|
|||||
| CVE-2025-24956 | 1 Siemens | 1 Openv2g | 2025-09-24 | N/A | 6.2 MEDIUM |
|
A vulnerability has been identified in OpenV2G (All versions < V0.9.6). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.
|
|||||
| CVE-2024-56805 | 1 Qnap | 2 Qts, Quts Hero | 2025-09-23 | N/A | 5.4 MEDIUM |
|
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes.
We have already fixed the vulnerability in the following versions:
QTS 5.2.4.3079 build 20250321 and later
QuTS hero h5.2.4.3079 build 20250321 and later
|
|||||
| CVE-2024-37047 | 1 Qnap | 2 Qts, Quts Hero | 2025-09-23 | N/A | 6.5 MEDIUM |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code.
We have already fixed the vulnerability in the following versions:
QTS 5.2.1.2930 build 20241025 and later
QuTS hero h5.2.1.2929 build 20241025 and later
|
|||||
| CVE-2024-37049 | 1 Qnap | 2 Qts, Quts Hero | 2025-09-23 | N/A | 6.5 MEDIUM |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code.
We have already fixed the vulnerability in the following versions:
QTS 5.2.1.2930 build 20241025 and later
QuTS hero h5.2.1.2929 build 20241025 and later
|
|||||
| CVE-2024-37050 | 1 Qnap | 2 Qts, Quts Hero | 2025-09-23 | N/A | 6.5 MEDIUM |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code.
We have already fixed the vulnerability in the following versions:
QTS 5.2.1.2930 build 20241025 and later
QuTS hero h5.2.1.2929 build 20241025 and later
|
|||||
| CVE-2024-37044 | 1 Qnap | 2 Qts, Quts Hero | 2025-09-23 | N/A | 7.2 HIGH |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code.
We have already fixed the vulnerability in the following versions:
QTS 5.2.1.2930 build 20241025 and later
QuTS hero h5.2.1.2929 build 20241025 and later
|
|||||
| CVE-2024-37041 | 1 Qnap | 2 Qts, Quts Hero | 2025-09-23 | N/A | 7.2 HIGH |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code.
We have already fixed the vulnerability in the following versions:
QTS 5.2.1.2930 build 20241025 and later
QuTS hero h5.2.1.2929 build 20241025 and later
|
|||||
| CVE-2025-30265 | 1 Qnap | 2 Qts, Quts Hero | 2025-09-22 | N/A | 6.5 MEDIUM |
|
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following versions:
QTS 5.2.5.3145 build 20250526 and later
QuTS hero h5.2.5.3138 build 20250519 and later
|
|||||
| CVE-2025-54632 | 1 Huawei | 2 Emui, Harmonyos | 2025-09-20 | N/A | 6.8 MEDIUM |
|
Vulnerability of insufficient data length verification in the HVB module.
Impact: Successful exploitation of this vulnerability may affect service integrity.
|
|||||
| CVE-2025-10443 | 1 Tenda | 4 Ac15, Ac15 Firmware, Ac9 and 1 more | 2025-09-19 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
|
|||||
| CVE-2023-47430 | 1 Readymedia Project | 1 Readymedia | 2025-09-19 | N/A | 7.5 HIGH |
|
Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 allows attackers to cause a denial of service via via the SendContainer() function at tivo_commands.c.
|
|||||
| CVE-2024-25139 | 1 Tp-link | 2 Omada Er605, Omada Er605 Firmware | 2025-09-18 | N/A | 10.0 CRITICAL |
|
In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. This is fixed in ER605(UN)_v2_2.2.4 Build 020240119.
|
|||||
| CVE-2024-26936 | 1 Linux | 1 Linux Kernel | 2025-09-18 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
The response buffer should be allocated in smb2_allocate_rsp_buf
before validating request. But the fields in payload as well as smb2 header
is used in smb2_allocate_rsp_buf(). This patch add simple buffer size
validation to avoid potencial out-of-bounds in request buffer.
|
|||||
| CVE-2025-57569 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
|
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT.
|
|||||