Total
2768 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-20121 | 2 Easyftp Server Project, Kmint21 Software | 2 Easyftp Server, Easyftp Server | 2025-09-10 | 9.8 Critical |
| EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.” | ||||
| CVE-2025-5827 | 1 Autel | 18 Maxicharger Ac Elite Business C50, Maxicharger Ac Elite Business C50 Firmware, Maxicharger Ac Pro and 15 more | 2025-09-10 | N/A |
| Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ble_process_esp32_msg function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26369. | ||||
| CVE-2025-5829 | 1 Autel | 18 Maxicharger Ac Elite Business C50, Maxicharger Ac Elite Business C50 Firmware, Maxicharger Ac Pro and 15 more | 2025-09-10 | N/A |
| Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of JSON messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26330. | ||||
| CVE-2025-20618 | 1 Intel | 10 Proset\/wireless Wifi, Wi-fi 6 Ax101, Wi-fi 6 Ax200 and 7 more | 2025-09-10 | 7.9 High |
| Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2023-6693 | 3 Fedoraproject, Qemu, Redhat | 4 Fedora, Qemu, Advanced Virtualization and 1 more | 2025-09-10 | 4.9 Medium |
| A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak. | ||||
| CVE-2025-29840 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-09-10 | 8.8 High |
| Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-40795 | 1 Siemens | 2 Simatic, Simatic Pcs Neo | 2025-09-09 | 9.8 Critical |
| A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), User Management Component (UMC) (All versions < V2.15.1.3). Affected products contain a stack-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition. | ||||
| CVE-2025-29364 | 1 Spimsimulator | 1 Spim | 2025-09-09 | 6.5 Medium |
| spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READ_SYSCALL and WRITE_SYSCALL system calls. The application verifies the legitimacy of the starting and ending addresses for memory read/write operations. By configuring the starting and ending addresses for memory read/write to point to distinct memory segments within the virtual machine, it is possible to circumvent these checks. | ||||
| CVE-2025-55763 | 1 Civetweb Project | 1 Civetweb | 2025-09-09 | 7.5 High |
| Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution. | ||||
| CVE-2025-6170 | 2 Redhat, Xmlsoft | 5 Enterprise Linux, Jboss Core Services, Openshift and 2 more | 2025-09-09 | 2.5 Low |
| A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections. | ||||
| CVE-2025-55852 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-09-08 | 7.5 High |
| Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the formWifiBasicSet function via the parameter security or security_5g. | ||||
| CVE-2014-9200 | 1 Schneider-electric | 4 Somachine, Somove, Somove Lite and 1 more | 2025-09-05 | N/A |
| Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2025-4447 | 2 Eclipse, Redhat | 2 Openj9, Enterprise Linux | 2025-09-05 | 7.8 High |
| In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts. | ||||
| CVE-2024-52547 | 1 Lorextechnology | 1 W461asc-e Firmware | 2025-09-05 | 7.2 High |
| An authenticated attacker can trigger a stack based buffer overflow in the DHIP Service (TCP port 80). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | ||||
| CVE-2024-52544 | 1 Lorextechnology | 1 W461asc-e Firmware | 2025-09-05 | 9.8 Critical |
| An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service (TCP port 3500). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | ||||
| CVE-2024-31449 | 2 Redhat, Redis | 3 Discovery, Enterprise Linux, Redis | 2025-09-04 | 7 High |
| Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2025-8816 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-09-04 | 8.8 High |
| A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function setOpMode of the file /goform/setOpMode. The manipulation of the argument ethConv leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-8817 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-09-04 | 8.8 High |
| A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setLan of the file /goform/setLan. The manipulation of the argument lan2enabled leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-8819 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-09-04 | 8.8 High |
| A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function setWan of the file /goform/setWan. The manipulation of the argument staticIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-8820 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-09-04 | 8.8 High |
| A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function wirelessBasic of the file /goform/wirelessBasic. The manipulation of the argument submit_SSID1 leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||