Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-29046 | 1 Alfa | 2 Wifi Camppro, Wifi Camppro Firmware | 2025-04-30 | N/A | 9.8 CRITICAL |
|
Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value
|
|||||
| CVE-2025-29047 | 1 Alfa | 2 Wifi Camppro, Wifi Camppro Firmware | 2025-04-30 | N/A | 9.8 CRITICAL |
|
Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser
|
|||||
| CVE-2022-44204 | 1 Dlink | 2 Dir-3060, Dir-3060 Firmware | 2025-04-30 | N/A | 9.8 CRITICAL |
|
D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow.
|
|||||
| CVE-2024-27572 | 1 Libtor | 2 Lbt-t300-t390, Lbt-t300-t390 Firmware | 2025-04-30 | N/A | 7.5 HIGH |
|
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the ApCliSsid parameter in the updateCurAPlist function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2021-33897 | 1 Synthesiagame | 1 Synthesia | 2025-04-29 | N/A | 5.5 MEDIUM |
|
A buffer overflow in Synthesia before 10.7.5567, when a non-Latin locale is used, allows user-assisted attackers to cause a denial of service (application crash) via a crafted MIDI file with malformed bytes. This file is mishandled during a deletion attempt. In Synthesia before 10.9, an improper path handling allows local attackers to cause a denial of service (application crash) via a crafted MIDI file with malformed bytes.
|
|||||
| CVE-2025-3379 | 1 Pcman | 1 Ftp Server | 2025-04-29 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. Affected by this vulnerability is an unknown functionality of the component EPSV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-3680 | 1 Pcman | 1 Ftp Server | 2025-04-29 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component LANG Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-3763 | 1 Razormist | 1 Phone Management System | 2025-04-29 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability classified as critical has been found in SourceCodester Phone Management System 1.0. This affects the function main of the component Password Handler. The manipulation of the argument s leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-3683 | 1 Pcman | 1 Ftp Server | 2025-04-29 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. This vulnerability affects unknown code of the component SIZE Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-3682 | 1 Pcman | 1 Ftp Server | 2025-04-29 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. This affects an unknown part of the component PASV Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-3681 | 1 Pcman | 1 Ftp Server | 2025-04-29 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MODE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2023-47004 | 1 Redislabs | 1 Redisgraph | 2025-04-29 | N/A | 8.8 HIGH |
|
Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication.
|
|||||
| CVE-2022-44172 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler.
|
|||||
| CVE-2022-44171 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set.
|
|||||
| CVE-2025-25524 | 1 Totolink | 2 X6000r, X6000r Firmware | 2025-04-29 | N/A | 5.1 MEDIUM |
|
Buffer overflow vulnerability in TOTOLink X6000R routers V9.4.0cu.652_B20230116 due to the lack of length verification, which is related to the addition of Wi-Fi filtering rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
|
|||||
| CVE-2025-28024 | 1 Totolink | 2 A810r, A810r Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the cstecgi.cgi
|
|||||
| CVE-2022-44183 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic.
|
|||||
| CVE-2022-44180 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter.
|
|||||
| CVE-2022-44178 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB.
|
|||||
| CVE-2022-44177 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart.
|
|||||
| CVE-2022-44176 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic.
|
|||||
| CVE-2022-44175 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.
|
|||||
| CVE-2022-44174 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName.
|
|||||
| CVE-2024-6199 | 2025-04-29 | N/A | N/A | ||
|
An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS) traffic between DDNS services and the modem, could manipulate specific responses to include code that forces a buffer overflow on the modem.
Customers that have not enabled Dynamic DNS on their modem are not vulnerable.
|
|||||
| CVE-2024-6198 | 2025-04-29 | N/A | N/A | ||
|
The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker
with access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the modem.
|
|||||
| CVE-2025-2851 | 2025-04-29 | 7.7 HIGH | 8.0 HIGH | ||
|
A vulnerability classified as critical has been found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B1300 Convexa-B, GL-B3000 Marble, GL-BE3600 Slate 7, GL-E750, GL-E750V2 Mudi, GL-MT300N-V2 Mango, GL-MT1300 Beryl, GL-MT2500 Brume 2, GL-MT3000 Beryl AX, GL-MT6000 Flint 2, GL-SFT1200 Opal, GL-X300B Collie, GL-X750 Spitz, GL-X3000 Spitz AX, GL-XE300 Puli and GL-XE3000 Puli AX 4.x. Affected is an u ...
Show More |
|||||
| CVE-2022-39067 | 1 Zte | 2 Mf286r, Mf286r Firmware | 2025-04-29 | N/A | 6.5 MEDIUM |
|
There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.
|
|||||
| CVE-2024-29507 | 1 Artifex | 1 Ghostscript | 2025-04-28 | N/A | 5.4 MEDIUM |
|
Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters.
|
|||||
| CVE-2022-44283 | 1 Avs4you | 1 Avs Audio Converter | 2025-04-25 | N/A | 9.8 CRITICAL |
|
AVS Audio Converter 10.3 is vulnerable to Buffer Overflow.
|
|||||
| CVE-2023-50246 | 1 Jqlang | 1 Jq | 2025-04-25 | N/A | 6.2 MEDIUM |
|
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue.
|
|||||
| CVE-2022-45648 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function.
|
|||||
| CVE-2022-45672 | 1 Tenda | 2 I22, I22 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function.
|
|||||
| CVE-2022-45671 | 1 Tenda | 2 I22, I22 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function.
|
|||||
| CVE-2022-45670 | 1 Tenda | 2 I22, I22 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.
|
|||||
| CVE-2022-45669 | 1 Tenda | 2 I22, I22 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.
|
|||||
| CVE-2022-45664 | 1 Tenda | 2 I22, I22 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.
|
|||||
| CVE-2022-45663 | 1 Tenda | 2 I22, I22 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.
|
|||||
| CVE-2022-45661 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.
|
|||||
| CVE-2022-45660 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.
|
|||||
| CVE-2022-45659 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
|
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
|
|||||