Total
710 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-57577 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | N/A | 5.7 MEDIUM |
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | |||||
CVE-2024-25373 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-03-17 | N/A | 4.6 MEDIUM |
Tenda AC10V4.0 V16.03.10.20 was discovered to contain a stack overflow via the page parameter in the sub_49B384 function. | |||||
CVE-2024-27878 | 1 Apple | 1 Macos | 2025-03-13 | N/A | 6.7 MEDIUM |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2023-52365 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 5.3 MEDIUM |
Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally. | |||||
CVE-2023-52364 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 6.3 MEDIUM |
Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write. | |||||
CVE-2023-52551 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 5.3 MEDIUM |
Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2025-25900 | 2025-03-13 | N/A | 4.9 MEDIUM | ||
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at /userRpm/PPPoEv6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | |||||
CVE-2023-20624 | 2 Google, Mediatek | 16 Android, Mt6789, Mt6833 and 13 more | 2025-03-06 | N/A | 6.7 MEDIUM |
In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628530; Issue ID: ALPS07628530. | |||||
CVE-2025-0689 | 2025-03-05 | N/A | 6.4 MEDIUM | ||
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections. | |||||
CVE-2023-1161 | 1 Wireshark | 1 Wireshark | 2025-03-05 | N/A | 6.3 MEDIUM |
ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file | |||||
CVE-2025-1899 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-03-05 | 6.8 MEDIUM | 6.5 MEDIUM |
A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2025-1895 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-03-05 | 6.8 MEDIUM | 6.5 MEDIUM |
A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2024-5463 | 1 Synology | 4 Bc500, Bc500 Firmware, Tc500 and 1 more | 2025-03-04 | N/A | 6.5 MEDIUM |
A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to conduct denial-of-service attacks via unspecified vectors. This attack only affects the login service which will automatically restart. The following models with Synology Camera Firmware versions before 1.1.1-0383 may be affected: BC500 and TC500. | |||||
CVE-2025-1898 | 2025-03-04 | 6.8 MEDIUM | 6.5 MEDIUM | ||
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2025-1897 | 2025-03-04 | 6.8 MEDIUM | 6.5 MEDIUM | ||
A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. This issue affects some unknown processing of the file /goform/SetNetControlList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2025-1896 | 2025-03-04 | 6.8 MEDIUM | 6.5 MEDIUM | ||
A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2025-1786 | 2025-03-03 | 4.3 MEDIUM | 5.3 MEDIUM | ||
A vulnerability was found in rizinorg rizin up to 0.7.4. It has been rated as critical. This issue affects the function msf_stream_directory_free in the library /librz/bin/pdb/pdb.c. The manipulation of the argument -P leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 0.8.0 is able to address this issue. It is recommended to upgrade the affected component. | |||||
CVE-2025-25280 | 2025-03-03 | N/A | 5.3 MEDIUM | ||
Buffer overflow vulnerability exists in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request. | |||||
CVE-2024-2331 | 1 Razormist | 1 Tourist Reservation System | 2025-02-26 | 6.5 MEDIUM | 6.3 MEDIUM |
A vulnerability was found in SourceCodester Tourist Reservation System 1.0. It has been declared as critical. This vulnerability affects the function ad_writedata of the file System.cpp. The manipulation of the argument ad_code leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-256282 is the identifier assigned to this vulnerability. | |||||
CVE-2025-25474 | 2025-02-20 | N/A | 6.5 MEDIUM | ||
DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h. |