Total
3514 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49829 | 2025-05-07 | 6.7 Medium | ||
| Memory corruption can occur during context user dumps due to inadequate checks on buffer length. | ||||
| CVE-2024-49830 | 2025-05-07 | 6.6 Medium | ||
| Memory corruption while processing an IOCTL call to set mixer controls. | ||||
| CVE-2025-4344 | 2025-05-07 | 8.8 High | ||
| A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-4345 | 2025-05-07 | 8.8 High | ||
| A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. This issue affects the function formSetLog. The manipulation of the argument host leads to buffer overflow. The attack may be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-4348 | 2025-05-07 | 8.8 High | ||
| A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-25052 | 2025-05-07 | 3.3 Low | ||
| in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow. | ||||
| CVE-2025-4346 | 2025-05-07 | 8.8 High | ||
| A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been classified as critical. Affected is the function formSetWAN_Wizard534. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-4368 | 2025-05-07 | 8.8 High | ||
| A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the file /goform/MtuSetMacWan. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4342 | 2025-05-07 | 8.8 High | ||
| A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-4343 | 2025-05-07 | 8.8 High | ||
| A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-4347 | 2025-05-07 | 8.8 High | ||
| A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been declared as critical. Affected by this vulnerability is the function formWlSiteSurvey. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2024-26327 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-05-07 | 5.3 Medium |
| An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations. | ||||
| CVE-2025-28018 | 1 Totolink | 2 A800r, A800r Firmware | 2025-05-06 | 7.3 High |
| TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v14 parameter. | ||||
| CVE-2025-28019 | 1 Totolink | 2 A800r, A800r Firmware | 2025-05-06 | 7.3 High |
| TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi component | ||||
| CVE-2025-28020 | 1 Totolink | 2 A800r, A800r Firmware | 2025-05-06 | 7.3 High |
| TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter. | ||||
| CVE-2025-28021 | 1 Totolink | 2 A810r, A810r Firmware | 2025-05-06 | 7.3 High |
| TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the downloadFile.cgi through the v14 and v3 parameters | ||||
| CVE-2025-28022 | 1 Totolink | 2 A810r, A810r Firmware | 2025-05-06 | 7.3 High |
| TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter. | ||||
| CVE-2025-28025 | 1 Totolink | 8 A3000ru, A3000ru Firmware, A3100r and 5 more | 2025-05-06 | 7.3 High |
| TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v14 parameter. | ||||
| CVE-2025-28028 | 1 Totolink | 8 A3000ru, A3000ru Firmware, A3100r and 5 more | 2025-05-06 | 7.3 High |
| TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v5 parameter. | ||||
| CVE-2022-43752 | 2 Common Desktop Environment Project, Oracle | 2 Common Desktop Environment, Solaris | 2025-05-06 | 7.8 High |
| Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon. | ||||