Total
733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-29045 | 1 Alfa | 2 Wifi Camppro, Wifi Camppro Firmware | 2025-04-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value | |||||
| CVE-2025-29044 | 1 Netgear | 2 R6100, R6100 Firmware | 2025-04-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value | |||||
| CVE-2015-7853 | 2 Netapp, Ntp | 6 Clustered Data Ontap, Data Ontap, Oncommand Balance and 3 more | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value. | |||||
| CVE-2017-7269 | 1 Microsoft | 2 Internet Information Services, Windows Server 2003 | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. | |||||
| CVE-2017-15222 | 1 Nftp Project | 1 Nftp | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2016-10174 | 1 Netgear | 56 D6100, D6100 Firmware, D7000 and 53 more | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution. | |||||
| CVE-2017-6862 | 1 Netgear | 6 Wnr2000v3, Wnr2000v3 Firmware, Wnr2000v4 and 3 more | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261. | |||||
| CVE-2024-33874 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.8 CRITICAL |
| HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c. | |||||
| CVE-2024-29159 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.8 CRITICAL |
| HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_scaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2016-4303 | 4 Debian, Es, Novell and 1 more | 5 Debian Linux, Iperf3, Suse Package Hub For Suse Linux Enterprise and 2 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow. | |||||
| CVE-2016-4002 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2025-04-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes. | |||||
| CVE-2016-5343 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow. | |||||
| CVE-2015-7512 | 4 Debian, Oracle, Qemu and 1 more | 9 Debian Linux, Linux, Qemu and 6 more | 2025-04-12 | 6.8 MEDIUM | 9.0 CRITICAL |
| Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. | |||||
| CVE-2014-1524 | 7 Canonical, Debian, Fedoraproject and 4 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object. | |||||
| CVE-2010-1205 | 10 Apple, Canonical, Debian and 7 more | 17 Iphone Os, Itunes, Mac Os X and 14 more | 2025-04-11 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. | |||||
| CVE-2024-39349 | 1 Synology | 4 Bc500, Bc500 Firmware, Tc500 and 1 more | 2025-04-10 | N/A | 9.8 CRITICAL |
| A vulnerability regarding buffer copy without checking size of input ('Classic Buffer Overflow') is found in the libjansson component and it does not affect the upstream library. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500. | |||||
| CVE-2022-45995 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2025-04-10 | N/A | 9.8 CRITICAL |
| There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414. | |||||
| CVE-2025-25676 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | N/A | 9.8 CRITICAL |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function. | |||||
| CVE-2025-25678 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | N/A | 9.8 CRITICAL |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function. | |||||
| CVE-2025-22904 | 1 Edimax | 2 Re11s, Re11s Firmware | 2025-04-09 | N/A | 9.8 CRITICAL |
| RE11S v1.11 was discovered to contain a stack overflow via the pptpUserName parameter in the setWAN function. | |||||