Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-15215 | 1 Tenda | 2 Ac10u, Ac10u Firmware | 2026-01-02 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
|
|||||
| CVE-2025-67073 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-01-02 | N/A | 9.8 CRITICAL |
|
A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field `serviceName`) to /goform/AdvSetMacMtuWan.
|
|||||
| CVE-2025-67074 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-01-02 | N/A | 6.5 MEDIUM |
|
A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field `serverName`) to /goform/AdvSetMacMtuWan.
|
|||||
| CVE-2025-68114 | 1 Capstone-engine | 1 Capstone | 2026-01-02 | N/A | 4.8 MEDIUM |
|
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit 2c7797182a1618be12017d7d41e0b6581d5d529e fixes the issue.
|
|||||
| CVE-2025-50399 | 1 Fastcom | 2 Fac1200r, Fac1200r Firmware | 2026-01-02 | N/A | 9.8 CRITICAL |
|
FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter password.
|
|||||
| CVE-2025-50402 | 1 Fastcom | 2 Fac1200r, Fac1200r Firmware | 2026-01-02 | N/A | 9.8 CRITICAL |
|
FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter string fac_password.
|
|||||
| CVE-2025-50681 | 1 Pali | 1 Igmpproxy | 2026-01-02 | N/A | 7.5 HIGH |
|
igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service (application crash) via a crafted IGMPv3 membership report packet with a malicious source address. Due to insufficient validation in the `recv_igmp()` function in src/igmpproxy.c, an invalid group record type can trigger a NULL pointer dereference when logging the address using `inet_fmtsrc()`. This vulnerability can be exploited by sending malformed multicast traffic to a host running igmpproxy, leading to ...
Show More |
|||||
| CVE-2025-15356 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-12-31 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-15092 | 1 Utt | 2 512w, 512w Firmware | 2025-12-31 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was identified in UTT 进取 512W up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/ConfigExceptMSN. Such manipulation of the argument remark leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
|
|||||
| CVE-2025-15091 | 1 Utt | 2 512w, 512w Firmware | 2025-12-31 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was determined in UTT 进取 512W up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/formPictureUrl. This manipulation of the argument importpictureurl causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
|
|||||
| CVE-2025-15090 | 1 Utt | 2 512w, 512w Firmware | 2025-12-31 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This vulnerability affects the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.
|
|||||
| CVE-2025-15089 | 1 Utt | 2 512w, 512w Firmware | 2025-12-31 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. This affects the function strcpy of the file /goform/APSecurity. The manipulation of the argument wepkey1 leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2022-50689 | 1 Cobiansoft | 1 Reflector | 2025-12-31 | N/A | 6.2 MEDIUM |
|
Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration.
|
|||||
| CVE-2025-63679 | 1 Free5gc | 1 Free5gc | 2025-12-31 | N/A | 7.5 HIGH |
|
free5gc v4.1.0 and before is vulnerable to Buffer Overflow. When AMF receives an UplinkRANConfigurationTransfer NGAP message from a gNB, the AMF process crashes.
|
|||||
| CVE-2024-33453 | 1 Espressif | 1 Esp-idf | 2025-12-31 | N/A | 8.1 HIGH |
|
Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to obtain sensitive information via the externalId component.
|
|||||
| CVE-2024-33454 | 1 Espressif | 1 Esp-idf | 2025-12-31 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the Bluetooth stack component.
|
|||||
| CVE-2025-15193 | 1 Dlink | 2 Dwr-m920, Dwr-m920 Firmware | 2025-12-30 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub_423848 of the file /boafrm/formParentControl. Performing manipulation of the argument submit-url results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
|
|||||
| CVE-2025-15189 | 1 Dlink | 2 Dwr-m920, Dwr-m920 Firmware | 2025-12-30 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was identified in D-Link DWR-M920 up to 1.1.50. This issue affects the function sub_464794 of the file /boafrm/formDefRoute. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.
|
|||||
| CVE-2025-14709 | 1 Sgwbox | 2 N3, N3 Firmware | 2025-12-30 | 10.0 HIGH | 9.8 CRITICAL |
|
A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0.25. Affected by this issue is some unknown functionality of the file /usr/sbin/http_eshell_server of the component WIRELESSCFGGET Interface. The manipulation of the argument params leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2023-36377 | 1 Osslsigncode Project | 1 Osslsigncode | 2025-12-30 | N/A | 7.8 HIGH |
|
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.
|
|||||
| CVE-2025-47372 | 1 Qualcomm | 46 Qam8255p, Qam8255p Firmware, Qam8620p and 43 more | 2025-12-23 | N/A | 9.0 CRITICAL |
|
Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.
|
|||||
| CVE-2025-65404 | 1 Live555 | 1 Streaming Media | 2025-12-23 | N/A | 6.5 MEDIUM |
|
A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream.
|
|||||
| CVE-2025-14015 | 1 H3c | 2 Magic B0, Magic B0 Firmware | 2025-12-23 | 9.0 HIGH | 8.8 HIGH |
|
A weakness has been identified in H3C Magic B0 up to 100R002. This impacts the function EditWlanMacList of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-50401 | 1 Mercurycom | 2 D196g, D196g Firmware | 2025-12-22 | N/A | 9.8 CRITICAL |
|
Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter password.
|
|||||
| CVE-2025-50398 | 1 Mercurycom | 2 D196g, D196g Firmware | 2025-12-22 | N/A | 9.8 CRITICAL |
|
Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter fac_password.
|
|||||
| CVE-2025-66287 | 2025-12-22 | N/A | 8.8 HIGH | ||
|
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.
|
|||||
| CVE-2025-10886 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2025-12-19 | N/A | 7.8 HIGH |
|
A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
|
|||||
| CVE-2025-10887 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2025-12-19 | N/A | 7.8 HIGH |
|
A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
|
|||||
| CVE-2025-10889 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2025-12-19 | N/A | 7.8 HIGH |
|
A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
|
|||||
| CVE-2023-53874 | 1 Gomlab | 1 Gom Player | 2025-12-18 | N/A | 9.8 CRITICAL |
|
GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability.
|
|||||
| CVE-2025-50361 | 1 Smallbasic | 1 Smallbasic | 2025-12-18 | N/A | 5.1 MEDIUM |
|
Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL Before v12_28, and commit sha:298a1d495355959db36451e90a0ac74bcc5593fe in the function main.cpp, which can lead to potential information leakage and crash.
|
|||||
| CVE-2023-4582 | 2 Apple, Mozilla | 4 Macos, Firefox, Firefox Esr and 1 more | 2025-12-18 | N/A | 8.8 HIGH |
|
Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS.
*This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
|
|||||
| CVE-2023-41913 | 1 Strongswan | 1 Strongswan | 2025-12-18 | N/A | 9.8 CRITICAL |
|
strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.
|
|||||
| CVE-2021-3177 | 5 Debian, Fedoraproject, Netapp and 2 more | 10 Debian Linux, Fedora, Active Iq Unified Manager and 7 more | 2025-12-18 | 7.5 HIGH | 9.8 CRITICAL |
|
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.
|
|||||
| CVE-2025-43532 | 1 Apple | 1 Macos | 2025-12-17 | N/A | 2.8 LOW |
|
A memory corruption issue was addressed with improved bounds checking. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2, tvOS 26.2. Processing malicious data may lead to unexpected app termination.
|
|||||
| CVE-2024-29195 | 1 Microsoft | 1 Azure C Shared Utility | 2025-12-15 | N/A | 6.0 MEDIUM |
|
The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to vulnerabilities in parameter checking mechanism, by exploiting the buffer length parameter in Azure C SDK, which may lead to remote code execution. Requirements for RCE are 1. Compromised Azure account allow ...
Show More |
|||||
| CVE-2025-36924 | 1 Google | 1 Android | 2025-12-12 | N/A | 8.0 HIGH |
|
In ss_DecodeLcsAssistDataReqMsg(void) of ss_LcsManagement.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2025-36927 | 1 Google | 1 Android | 2025-12-12 | N/A | 7.8 HIGH |
|
In GetTachyonCommand of tachyon_server_common.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2025-36928 | 1 Google | 1 Android | 2025-12-12 | N/A | 7.8 HIGH |
|
In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2025-36930 | 1 Google | 1 Android | 2025-12-12 | N/A | 7.8 HIGH |
|
In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||