Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-46556 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-18 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sInRCSecret0 parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46555 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-18 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pb parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46582 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-18 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sSrvAddr parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46552 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sStRtMskShow parameter at ipstrt.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46550 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the CGIbyFieldName parameter at chglog.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46593 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the trapcomm parameter at cgiswm.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2025-25667 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
|
|||||
| CVE-2025-25668 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_47D878 function.
|
|||||
| CVE-2024-42812 | 1 Dlink | 2 Dir-860l, Dir-860l Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
|
|||||
| CVE-2025-25664 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function.
|
|||||
| CVE-2024-46585 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at usergrp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-45230 | 1 Djangoproject | 1 Django | 2025-03-17 | N/A | 7.5 HIGH |
|
An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
|
|||||
| CVE-2025-25663 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow.
|
|||||
| CVE-2024-46652 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function.
|
|||||
| CVE-2024-57703 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow.
|
|||||
| CVE-2024-57578 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | N/A | 8.8 HIGH |
|
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function.
|
|||||
| CVE-2024-57577 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | N/A | 5.7 MEDIUM |
|
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
|
|||||
| CVE-2024-33214 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
|
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter in ip/goform/RouteStatic.
|
|||||
| CVE-2024-35571 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.
|
|||||
| CVE-2025-25674 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via the parameter ssid.
|
|||||
| CVE-2024-25373 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-03-17 | N/A | 4.6 MEDIUM |
|
Tenda AC10V4.0 V16.03.10.20 was discovered to contain a stack overflow via the page parameter in the sub_49B384 function.
|
|||||
| CVE-2024-46571 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPPPSrvNm parameter at fwuser.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46568 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPeerId parameter at vpn.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-24416 | 1 Linuxfoundation | 1 Magma | 2025-03-15 | N/A | 7.5 HIGH |
|
The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
|
|||||
| CVE-2024-41631 | 2025-03-14 | N/A | 7.5 HIGH | ||
|
Buffer Overflow vulnerability in host-host NEUQ_board v.1.0 allows a remote attacker to cause a denial of service via the password.h component.
|
|||||
| CVE-2024-32230 | 1 Ffmpeg | 1 Ffmpeg | 2025-03-14 | N/A | 7.8 HIGH |
|
FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0
|
|||||
| CVE-2024-24417 | 1 Linuxfoundation | 1 Magma | 2025-03-14 | N/A | 7.5 HIGH |
|
The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
|
|||||
| CVE-2024-46584 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-14 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the AControlIp1 parameter at acontrol.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46560 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-14 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pub_key parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46580 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-14 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the fid parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-53589 | 2025-03-14 | N/A | 8.4 HIGH | ||
|
GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.
|
|||||
| CVE-2024-30635 | 1 Tenda | 2 F1202, F1202 Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
|
Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability located in the funcpara1 parameter in the formSetCfm function.
|
|||||
| CVE-2024-46588 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-13 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at wizfw.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46554 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-13 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the profname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-46551 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-13 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_Pwd parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-30602 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
|
Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function.
|
|||||
| CVE-2024-46595 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-13 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the saveitem parameter at lan2lan.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-52365 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 5.3 MEDIUM |
|
Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally.
|
|||||
| CVE-2024-46557 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-13 | N/A | 7.5 HIGH |
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2024-37632 | 1 Totolink | 2 A3700r, A3700r Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
|
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .
|
|||||