Total
12852 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32887 | 1 Mediatek | 38 Mt2735, Mt6813, Mt6833 and 35 more | 2025-06-16 | N/A | 7.5 HIGH |
| In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). | |||||
| CVE-2023-51257 | 1 Jasper Project | 1 Jasper | 2025-06-16 | N/A | 7.8 HIGH |
| An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. | |||||
| CVE-2025-5907 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5908 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5909 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5910 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5911 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5912 | 1 Dlink | 2 Dir-632, Dir-632 Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5357 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-06-16 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component PWD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5901 | 1 Totolink | 2 T10, T10 Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5902 | 1 Totolink | 2 T10, T10 Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument slaveIpList leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5903 | 1 Totolink | 2 T10, T10 Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been classified as critical. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5904 | 1 Totolink | 2 T10, T10 Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setWiFiMeshName of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument device_name leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5905 | 1 Totolink | 2 T10, T10 Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been rated as critical. Affected by this issue is the function setWiFiRepeaterCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument Password leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6098 | 2025-06-16 | 10.0 HIGH | 9.8 CRITICAL | ||
| A vulnerability was found in UTT 进取 750W up to 5.0. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-6112 | 2025-06-16 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6090 | 2025-06-16 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was found in H3C GR-5400AX V100R009L50 and classified as critical. This issue affects the function UpdateWanparamsMulti/UpdateIpv6params of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this issue. Because they assess the risk as low, they do not have immediate plans for remediation. | |||||
| CVE-2025-6091 | 2025-06-16 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was found in H3C GR-3000AX V100R007L50. It has been classified as critical. Affected is the function UpdateWanParamsMulti/UpdateIpv6Params of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this issue. Because they assess the risk as low, they do not have immediate plans for remediation. | |||||
| CVE-2025-6093 | 2025-06-16 | 5.2 MEDIUM | 5.5 MEDIUM | ||
| A vulnerability classified as critical was found in uYanki board-stm32f103rc-berial up to 84daed541609cb7b46854cc6672a275d1007e295. This vulnerability affects the function heartrate1_i2c_hal_write of the file 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1_hal.c. The manipulation of the argument num leads to stack-based buffer overflow. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. | |||||
| CVE-2025-5593 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-06-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||