Total
3935 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-25746 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Ar8035 and 193 more | 2025-04-09 | 8.1 High |
| Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping. | ||||
| CVE-2024-51116 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-04-09 | 8.8 High |
| Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'. | ||||
| CVE-2025-22904 | 1 Edimax | 2 Re11s, Re11s Firmware | 2025-04-09 | 9.8 Critical |
| RE11S v1.11 was discovered to contain a stack overflow via the pptpUserName parameter in the setWAN function. | ||||
| CVE-2025-22907 | 1 Edimax | 2 Re11s, Re11s Firmware | 2025-04-09 | 9.8 Critical |
| RE11S v1.11 was discovered to contain a stack overflow via the selSSID parameter in the formWlSiteSurvey function. | ||||
| CVE-2025-22913 | 1 Edimax | 2 Re11s, Re11s Firmware | 2025-04-09 | 9.8 Critical |
| RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the formStaDrvSetup function. | ||||
| CVE-2025-22916 | 1 Edimax | 2 Re11s, Re11s Firmware | 2025-04-09 | 9.8 Critical |
| RE11S v1.11 was discovered to contain a stack overflow via the pppUserName parameter in the formPPPoESetup function. | ||||
| CVE-2025-22946 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-04-09 | 9.8 Critical |
| Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution. | ||||
| CVE-2024-57483 | 1 Tenda | 2 I24, I24 Firmware | 2025-04-09 | 9.8 Critical |
| Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function. | ||||
| CVE-2021-3966 | 1 Zephyrproject | 1 Zephyr | 2025-04-09 | 9.6 Critical |
| usb device bluetooth class includes a buffer overflow related to implementation of net_buf_add_mem. | ||||
| CVE-2022-4857 | 1 Modbustools | 1 Modbus Poll | 2025-04-09 | 6.3 Medium |
| A vulnerability was found in Modbus Tools Modbus Poll up to 9.10.0 and classified as critical. Affected by this issue is some unknown functionality of the file mbpoll.exe of the component mbp File Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-217022 is the identifier assigned to this vulnerability. | ||||
| CVE-2021-26409 | 1 Amd | 2 Milanpi, Milanpi Firmware | 2025-04-09 | 7.8 High |
| Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table (RMP) memory, potentially resulting in a loss of SNP (Secure Nested Paging) memory integrity. | ||||
| CVE-2022-43970 | 1 Linksys | 2 Wrt54gl, Wrt54gl Firmware | 2025-04-09 | 7.2 High |
| A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerablity can be triggered over the network via a malicious POST request to /apply.cgi. | ||||
| CVE-2023-46060 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-04-09 | 7.5 High |
| A Buffer Overflow vulnerability in Tenda AC500 v.2.0.1.9 allows a remote attacker to cause a denial of service via the port parameter at the goform/setVlanInfo component. | ||||
| CVE-2022-43662 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-04-09 | 4 Medium |
| Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. | ||||
| CVE-2022-43389 | 1 Zyxel | 34 Ep240p, Ep240p Firmware, Lte3202-m437 and 31 more | 2025-04-09 | 8.6 High |
| A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device. | ||||
| CVE-2022-45126 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-04-09 | 4 Medium |
| Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. | ||||
| CVE-2017-14454 | 1 Insteon | 2 Hub, Hub Firmware | 2025-04-09 | 8.5 High |
| Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability. The `strcpy` at [18] overflows the buffer `insteon_pubnub.channel_al`, which has a size of 16 bytes. | ||||
| CVE-2007-1887 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2025-04-09 | N/A |
| Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character. | ||||
| CVE-2009-2502 | 1 Microsoft | 27 .net Framework, Excel Viewer, Expression Web and 24 more | 2025-04-09 | 8.1 High |
| Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability." | ||||
| CVE-2008-3496 | 1 Linux | 1 Linux Kernel | 2025-04-09 | N/A |
| Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors. | ||||