Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-69209 | 2026-01-26 | N/A | N/A | ||
|
ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large `decimalPlaces` values to the affected String constructors or concat methods, the `dtostrf` function writes beyond fixed-size stack buffers, causing memory corruption and denial of service. Under specific ...
Show More |
|||||
| CVE-2022-48620 | 1 Troglobit | 1 Libeuv | 2026-01-25 | N/A | 9.8 CRITICAL |
|
uev (aka libuev) before 2.4.1 has a buffer overflow in epoll_wait if maxevents is a large number.
|
|||||
| CVE-2024-39543 | 1 Juniper | 2 Junos, Junos Os Evolved | 2026-01-23 | N/A | 6.5 MEDIUM |
|
A Buffer Copy without Checking Size of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to send specific RPKI-RTR packets resulting in a crash, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.
This issue affects
Junos OS:
* All versions before 21.2R3-S8,
* from ...
Show More |
|||||
| CVE-2025-52960 | 1 Juniper | 28 Junos, Mx10004, Mx10008 and 25 more | 2026-01-23 | N/A | 5.9 MEDIUM |
|
A Buffer Copy without Checking Size of Input vulnerability in the
Session Initialization Protocol (SIP) ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).
When memory utilization is high, and specific SIP packets are received, flowd/mspmand crashes. While the system recovers automatically, the disruption can significantly impact service stability. Continuous receipt of these specific SIP packets, w ...
Show More |
|||||
| CVE-2025-5222 | 1 Unicode | 1 International Components For Unicode | 2026-01-23 | N/A | 7.0 HIGH |
|
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
|
|||||
| CVE-2025-29329 | 1 Sagemcom | 2 F\@st 3686, F\@st 3686 Firmware | 2026-01-22 | N/A | 9.8 CRITICAL |
|
Buffer Overflow in the ippprint (Internet Printing Protocol) service in Sagemcom F@st 3686 MAGYAR_4.121.0 allows remote attacker to execute arbitrary code by sending a crafted HTTP request.
|
|||||
| CVE-2024-39538 | 1 Juniper | 7 Acx7020, Acx7024, Acx7024x and 4 more | 2026-01-22 | N/A | 6.5 MEDIUM |
|
A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a
Denial-of-Service (DoS).When multicast traffic with a specific, valid (S,G) is received, evo-pfemand crashes which leads to an outage of the affected FPC until it is manually recovered.
This issue affects Junos OS Evolved on ACX7000 Series:
* All versions before 21.2R3-S8-EVO,
...
Show More |
|||||
| CVE-2025-66647 | 1 Riot-os | 1 Riot | 2026-01-22 | N/A | 9.8 CRITICAL |
|
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. A vulnerability was discovered in the IPv6 fragmentation reassembly implementation of RIOT OS v2025.07. When copying the contents of the first fragment (offset=0) into the reassembly buffer, no size check is performed. It is possible to force the creation of a small reassembly buffer by first sending a shorter fragment (also with offset=0). O ...
Show More |
|||||
| CVE-2025-55297 | 1 Espressif | 1 Esp-idf | 2026-01-22 | N/A | 8.8 HIGH |
|
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9.
|
|||||
| CVE-2021-47815 | 1 Nsasoft | 1 Nsauditor | 2026-01-21 | N/A | 7.5 HIGH |
|
Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash.
|
|||||
| CVE-2020-10188 | 6 Arista, Debian, Fedoraproject and 3 more | 6 Eos, Debian Linux, Fedora and 3 more | 2026-01-21 | 10.0 HIGH | 9.8 CRITICAL |
|
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
|
|||||
| CVE-2022-49267 | 1 Linux | 1 Linux Kernel | 2026-01-19 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
mmc: core: use sysfs_emit() instead of sprintf()
sprintf() (still used in the MMC core for the sysfs output) is vulnerable
to the buffer overflow. Use the new-fangled sysfs_emit() instead.
Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.
|
|||||
| CVE-2025-46397 | 2 Fig2dev Project, Redhat | 2 Fig2dev, Enterprise Linux | 2026-01-19 | N/A | 7.8 HIGH |
|
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
|
|||||
| CVE-2026-22861 | 1 Color | 1 Iccdev | 2026-01-16 | N/A | 8.8 HIGH |
|
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp. This vulnerability affects users of the iccDEV library who process ICC color profiles. The vulnerability is fixed in 2.3.1.2.
|
|||||
| CVE-2024-53695 | 1 Qnap | 1 Hybrid Backup Sync | 2026-01-16 | N/A | 9.1 CRITICAL |
|
A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes.
We have already fixed the vulnerability in the following version:
HBS 3 Hybrid Backup Sync 25.1.4.952 and later
|
|||||
| CVE-2021-47813 | 2026-01-16 | N/A | 7.5 HIGH | ||
|
Backup Key Recovery 2.2.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a large buffer of 256 repeated characters into the registration key field to trigger application instability and potential crash.
|
|||||
| CVE-2021-47797 | 2026-01-16 | N/A | 7.5 HIGH | ||
|
Leawo Prof. Media 11.0.0.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized payload in the activation keycode field. Attackers can generate a 6000-byte buffer of repeated characters to trigger an application crash when pasted into the registration interface.
|
|||||
| CVE-2021-47798 | 2026-01-16 | N/A | 9.8 CRITICAL | ||
|
NoteBurner 2.35 contains a buffer overflow vulnerability in the license code input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the 'Name' and 'Code' fields to trigger an application crash.
|
|||||
| CVE-2025-69258 | 2 Microsoft, Trendmicro | 2 Windows, Apex Central | 2026-01-15 | N/A | 9.8 CRITICAL |
|
A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.
|
|||||
| CVE-2026-0640 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2026-01-15 | 9.0 HIGH | 8.8 HIGH |
|
A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
|
|||||
| CVE-2025-69259 | 2 Microsoft, Trendmicro | 2 Windows, Apex Central | 2026-01-15 | N/A | 7.5 HIGH |
|
A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations.
Please note: authentication is not required in order to exploit this vulnerability..
|
|||||
| CVE-2025-69260 | 2 Microsoft, Trendmicro | 2 Windows, Apex Central | 2026-01-15 | N/A | 7.5 HIGH |
|
A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations.
Please note: authentication is not required in order to exploit this vulnerability.
|
|||||
| CVE-2025-7673 | 1 Zyxel | 48 Emg3525-t50b, Emg3525-t50b Firmware, Emg5523-t50b and 45 more | 2026-01-14 | N/A | 9.8 CRITICAL |
|
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.
|
|||||
| CVE-2022-50922 | 2026-01-14 | N/A | 9.8 CRITICAL | ||
|
Audio Conversion Wizard v2.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory with a specially crafted registration code. Attackers can generate a payload that overwrites the application's memory stack, potentially enabling remote code execution through a carefully constructed input buffer.
|
|||||
| CVE-2025-7116 | 1 Utt | 2 750w, 750w Firmware | 2026-01-14 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fast_wireless_conf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-57632 | 2026-01-14 | N/A | 7.5 HIGH | ||
|
libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs (NextCommand), libsmb2 repeatedly calls smb2_add_iovector() to append to a fixed-size iovec array without checking the upper bound of v->niov (SMB2_MAX_VECTORS=256). An attacker can craft responses with many chained PDUs to overflow v->niov and perform heap out-of-bounds writes, causing memory corruption, crashes, and potentially arbitrary code execution. The SMB2_OPLOCK_BREAK path bypasses message ID validation.
|
|||||
| CVE-2025-46776 | 1 Fortinet | 2 Fortiextender, Fortiextender Firmware | 2026-01-14 | N/A | 6.4 MEDIUM |
|
A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands.
|
|||||
| CVE-2026-0836 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was determined in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW. This manipulation of the argument ssid causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2026-0837 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2026-0838 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 9.0 HIGH | 8.8 HIGH |
|
A security flaw has been discovered in UTT 进取 520W 1.7.7-180627. This impacts the function strcpy of the file /goform/ConfigWirelessBase. Performing a manipulation of the argument ssid results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2026-0839 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 9.0 HIGH | 8.8 HIGH |
|
A weakness has been identified in UTT 进取 520W 1.7.7-180627. Affected is the function strcpy of the file /goform/APSecurity. Executing a manipulation of the argument wepkey1 can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2026-0840 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 9.0 HIGH | 8.8 HIGH |
|
A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this vulnerability is the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2026-0841 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-15462 | 1 Utt | 2 520w, 520w Firmware | 2026-01-12 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/ConfigAdvideo. The manipulation of the argument timestart leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-15461 | 1 Utt | 2 520w, 520w Firmware | 2026-01-12 | 9.0 HIGH | 8.8 HIGH |
|
A flaw has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTaskEdit. Executing a manipulation of the argument selDateType can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2016-6366 | 1 Cisco | 45 7604, 7606-s, 7609-s and 42 more | 2026-01-12 | 8.5 HIGH | 8.8 HIGH |
|
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.
|
|||||
| CVE-2025-15460 | 1 Utt | 2 520w, 520w Firmware | 2026-01-12 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formPptpClientConfig. Performing a manipulation of the argument EncryptionMode results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-15459 | 1 Utt | 2 520w, 520w Firmware | 2026-01-12 | 9.0 HIGH | 8.8 HIGH |
|
A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formUser. Such manipulation of the argument passwd1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-15428 | 1 Utt | 2 512w, 512w Firmware | 2026-01-12 | 9.0 HIGH | 8.8 HIGH |
|
A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affected is the function strcpy of the file /goform/formRemoteControl. This manipulation of the argument Profile causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-15429 | 1 Utt | 2 512w, 512w Firmware | 2026-01-12 | 9.0 HIGH | 8.8 HIGH |
|
A security vulnerability has been detected in UTT 进取 512W 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formConfigCliForEngineerOnly. Such manipulation of the argument addCommand leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||