Total
3690 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4264 | 1 Zephyrproject | 1 Zephyr | 2025-06-18 | 7.1 High |
| Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem. | ||||
| CVE-2023-5184 | 1 Zephyrproject | 1 Zephyr | 2025-06-18 | 7 High |
| Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers. | ||||
| CVE-2025-5790 | 1 Totolink | 2 X15, X15 Firmware | 2025-06-17 | 8.8 High |
| A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. This vulnerability affects unknown code of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-0338 | 1 Apachefriends | 1 Xampp | 2025-06-17 | 7.3 High |
| A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier. An attacker could execute arbitrary code through a long file debug argument that controls the Structured Exception Handler (SEH). | ||||
| CVE-2023-45037 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2025-06-17 | 3.8 Low |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-45036 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2025-06-17 | 3.8 Low |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-45035 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2025-06-17 | 3.8 Low |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-41292 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2025-06-17 | 3.8 Low |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-41277 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2025-06-17 | 5.5 Medium |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-41276 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2025-06-17 | 5.5 Medium |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-43819 | 1 Deltaww | 1 Dopsoft | 2025-06-17 | 8.8 High |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the InitialMacroLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | ||||
| CVE-2023-43818 | 1 Deltaww | 1 Dopsoft | 2025-06-17 | 8.8 High |
| A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | ||||
| CVE-2023-43817 | 1 Deltaww | 1 Dopsoft | 2025-06-17 | 7.5 High |
| A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wMailContentLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | ||||
| CVE-2023-6334 | 2 Hypr, Microsoft | 2 Workforce Access, Windows | 2025-06-17 | 5.3 Medium |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7. | ||||
| CVE-2024-22526 | 1 Bandisoft | 1 Bandiview | 2025-06-17 | 5.5 Medium |
| Buffer Overflow vulnerability in bandisoft bandiview v7.0, allows local attackers to cause a denial of service (DoS) via exr image file. | ||||
| CVE-2025-6147 | 2025-06-17 | 8.8 High | ||
| A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6128 | 2025-06-17 | 8.8 High | ||
| A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This affects an unknown part of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6129 | 2025-06-17 | 8.8 High | ||
| A vulnerability classified as critical was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6137 | 2025-06-17 | 8.8 High | ||
| A vulnerability classified as critical has been found in TOTOLINK T10 4.1.8cu.5207. Affected is the function setWiFiScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6143 | 2025-06-17 | 8.8 High | ||
| A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||