Total
3640 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-4824 | 1 Totolink | 6 A3002r, A3002r Firmware, A3002ru and 3 more | 2025-05-23 | 8.8 High |
| A vulnerability classified as critical has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4823 | 1 Totolink | 6 A3002r, A3002r Firmware, A3002ru and 3 more | 2025-05-23 | 8.8 High |
| A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is the function submit-url of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4788 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-05-23 | 7.3 High |
| A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component DELETE Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4789 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-05-23 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component LCD Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4790 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-05-23 | 7.3 High |
| A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4791 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-05-23 | 7.3 High |
| A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4462 | 1 Totolink | 2 N150rt, N150rt Firmware | 2025-05-23 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in TOTOLINK N150RT 3.4.0-B20190525. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument localPin leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-0755 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2025-05-22 | 8.8 High |
| Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. | ||||
| CVE-2022-22629 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Itunes and 5 more | 2025-05-22 | 8.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2024-48710 | 1 Tp-link | 2 Tl-wdr7660, Tl-wdr7660 Firmware | 2025-05-21 | 6.5 Medium |
| In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. | ||||
| CVE-2024-48712 | 1 Tp-link | 2 Tl-wdr7660, Tl-wdr7660 Firmware | 2025-05-21 | 6.5 Medium |
| In TP-Link TL-WDR7660 1.0, the rtRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. | ||||
| CVE-2024-48713 | 1 Tp-link | 2 Tl-wdr7660, Tl-wdr7660 Firmware | 2025-05-21 | 6.5 Medium |
| In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. | ||||
| CVE-2024-48714 | 1 Tp-link | 2 Tl-wdr7660, Tl-wdr7660 Firmware | 2025-05-21 | 6.5 Medium |
| In TP-Link TL-WDR7660 v1.0, the guestRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. | ||||
| CVE-2025-5051 | 2025-05-21 | 7.3 High | ||
| A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component BINARY Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5050 | 2025-05-21 | 7.3 High | ||
| A vulnerability was found in FreeFloat FTP Server 1.0. It has been rated as critical. This issue affects some unknown processing of the component BELL Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5049 | 2025-05-21 | 7.3 High | ||
| A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. This vulnerability affects unknown code of the component APPEND Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2019-16536 | 2025-05-21 | N/A | ||
| Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3. | ||||
| CVE-2024-52013 | 1 Netgear | 9 R6400 Firmware, R6400v2, R6400v2 Firmware and 6 more | 2025-05-21 | 5.7 Medium |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-52014 | 1 Netgear | 9 R6400 Firmware, R6400v2, R6400v2 Firmware and 6 more | 2025-05-21 | 5.7 Medium |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-52015 | 1 Netgear | 9 R6400 Firmware, R6400v2, R6400v2 Firmware and 6 more | 2025-05-21 | 5.7 Medium |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||