Total
2768 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-42599 | 1 Qualitia | 1 Active\! Mail | 2025-07-30 | 9.8 Critical |
| Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. | ||||
| CVE-2023-39804 | 1 Gnu | 1 Tar | 2025-07-29 | 6.2 Medium |
| In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. | ||||
| CVE-2014-125114 | 2025-07-29 | N/A | ||
| A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow during scheduled download parsing, potentially leading to arbitrary code execution or a crash. | ||||
| CVE-2014-125117 | 1 D-link | 1 Dsp-w215 | 2025-07-29 | N/A |
| A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices, including the DSP-W215 version 1.02, can be exploited via a specially crafted HTTP POST request to the /common/info.cgi endpoint. This flaw enables an unauthenticated attacker to achieve remote code execution with system-level privileges. | ||||
| CVE-2025-26595 | 3 Redhat, Tigervnc, X.org | 9 Enterprise Linux, Rhel Aus, Rhel E4s and 6 more | 2025-07-29 | 7.8 High |
| A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size. | ||||
| CVE-2024-1598 | 1 Phoenix | 1 Securecore Technology | 2025-07-28 | 7.5 High |
| Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCoreā¢ for Intel Gemini Lake.This issue affects: SecureCoreā¢ for Intel Gemini Lake: from 4.1.0.1 before 4.1.0.567. | ||||
| CVE-2025-51088 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-07-28 | 5.3 Medium |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow. | ||||
| CVE-2025-51087 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-07-28 | 8.6 High |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. | ||||
| CVE-2025-51085 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-07-28 | 5.3 Medium |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone` and `timeType` leads to stack-based buffer overflow. | ||||
| CVE-2025-51082 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-07-28 | 5.3 Medium |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/fast_setting_wifi_set. The manipulation of the argument `timeZone` leads to stack-based buffer overflow. | ||||
| CVE-2024-33514 | 1 Arubanetworks | 1 Arubaos | 2025-07-28 | 5.3 Medium |
| Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. | ||||
| CVE-2024-33515 | 1 Arubanetworks | 1 Arubaos | 2025-07-28 | 5.3 Medium |
| Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. | ||||
| CVE-2024-33516 | 1 Arubanetworks | 1 Arubaos | 2025-07-28 | 5.3 Medium |
| An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller. | ||||
| CVE-2024-33517 | 1 Arubanetworks | 1 Arubaos | 2025-07-28 | 5.3 Medium |
| An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service. | ||||
| CVE-2024-33518 | 1 Arubanetworks | 1 Arubaos | 2025-07-25 | 5.3 Medium |
| An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service. | ||||
| CVE-2025-41687 | 1 Weidmueller | 4 Ie-sr-2tx-wl, Ie-sr-2tx-wl-4g-eu, Ie-sr-2tx-wl-4g-us-v and 1 more | 2025-07-25 | 9.8 Critical |
| An unauthenticated remote attacker may use a stack based buffer overflow in the u-link Management API to gain full access on the affected devices. | ||||
| CVE-2025-7908 | 2 D-link, Dlink | 3 Di-8100, Di-8100, Di-8100 Firmware | 2025-07-25 | 8.8 High |
| A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file /ddns.asp?opt=add of the component jhttpd. The manipulation of the argument mx leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7909 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2025-07-25 | 8.8 High |
| A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. Affected by this issue is the function sprintf of the file /goform/formLanSetupRouterSettings of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-7910 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2025-07-25 | 8.8 High |
| A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function sprintf of the file /goform/formSetWanNonLogin of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2014-9190 | 1 Schneider-electric | 1 Wonderware Intouch Access Anywhere Server | 2025-07-24 | N/A |
| Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist. | ||||