Total
3690 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-12178 | 1 Autodesk | 1 Navisworks | 2025-05-08 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-36525 | 2025-05-08 | 7.5 High | ||
| When a BIG-IP APM virtual server is configured to use a PingAccess profile, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-6198 | 2025-05-08 | N/A | ||
| The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker with access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the modem. | ||||
| CVE-2021-42553 | 1 St | 1 Stm32 Mw Usb Host | 2025-05-07 | 6.8 Medium |
| A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated when using a RTOS such as FreeRTOS on STM32 MCUs. | ||||
| CVE-2024-58106 | 1 Huawei | 1 Harmonyos | 2025-05-07 | 4.6 Medium |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-58107 | 1 Huawei | 1 Harmonyos | 2025-05-07 | 7.5 High |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-58108 | 1 Huawei | 1 Harmonyos | 2025-05-07 | 4.6 Medium |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-6906 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-05-07 | 9.8 Critical |
| A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248268. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-58109 | 1 Huawei | 1 Harmonyos | 2025-05-07 | 4.6 Medium |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-58110 | 1 Huawei | 1 Harmonyos | 2025-05-07 | 4.6 Medium |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-26889 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2025-05-07 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fixed size name[8] field so in the event that hdev->name is bigger than that strcpy would attempt to write past its size, so this fixes this problem by switching to use strscpy. | ||||
| CVE-2025-3988 | 1 Totolink | 2 N150rt, N150rt Firmware | 2025-05-07 | 8.8 High |
| A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. Affected is an unknown function of the file /boafrm/formPortFw. The manipulation of the argument service_type leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-25662 | 1 Tenda | 2 O4, O4 Firmware | 2025-05-07 | 9.8 Critical |
| Tenda O4 V3.0 V1.0.0.10(2936) is vulnerable to Buffer Overflow in the function SafeSetMacFilter of the file /goform/setMacFilterList via the argument remark/type/time. | ||||
| CVE-2025-3148 | 1 Code-projects | 1 Product Management System | 2025-05-07 | 3.3 Low |
| A vulnerability was found in codeprojects Product Management System 1.0 and classified as problematic. This issue affects some unknown processing of the component Login. The manipulation of the argument Str1 leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-50996 | 1 Netgear | 9 R6400 Firmware, R6400v2, R6400v2 Firmware and 6 more | 2025-05-07 | 5.7 Medium |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-51003 | 1 Netgear | 9 R6400 Firmware, R6400v2, R6400v2 Firmware and 6 more | 2025-05-07 | 5.7 Medium |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2021-40241 | 1 Xfig Project | 1 Xfig | 2025-05-07 | 9.8 Critical |
| xfig 3.2.7 is vulnerable to Buffer Overflow. | ||||
| CVE-2024-26327 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-05-07 | 5.3 Medium |
| An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations. | ||||
| CVE-2025-28018 | 1 Totolink | 2 A800r, A800r Firmware | 2025-05-06 | 7.3 High |
| TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v14 parameter. | ||||
| CVE-2025-28019 | 1 Totolink | 2 A800r, A800r Firmware | 2025-05-06 | 7.3 High |
| TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi component | ||||