Total
13168 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-1378 | 1 Radare | 1 Radare2 | 2025-06-23 | 1.7 LOW | 3.3 LOW |
| A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0.0 is able to address this issue. The patch is identified as c6c772d2eab692ce7ada5a4227afd50c355ad545. It is recommended to upgrade the affected component. | |||||
| CVE-2025-5330 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-06-23 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component RETR Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5331 | 1 Pcman Ftp Server Project | 1 Pcman Ftp Server | 2025-06-23 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. This vulnerability affects unknown code of the component NLST Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5875 | 1 Tp-link | 2 Tl-ipc544ep-w4, Tl-ipc544ep-w4 Firmware | 2025-06-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-23213 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-06-20 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution. | |||||
| CVE-2024-20011 | 2 Google, Mediatek | 18 Android, Mt6985, Mt8127 and 15 more | 2025-06-20 | N/A | 9.8 CRITICAL |
| In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146. | |||||
| CVE-2023-42881 | 1 Apple | 1 Macos | 2025-06-20 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Processing a file may lead to unexpected app termination or arbitrary code execution. | |||||
| CVE-2023-32436 | 1 Apple | 1 Macos | 2025-06-20 | N/A | 7.1 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2022-47965 | 1 Apple | 1 Macos | 2025-06-20 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-47915 | 1 Apple | 1 Macos | 2025-06-20 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2025-5080 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5109 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-06-20 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5978 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH1202 1.2.0.14. It has been classified as critical. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6130 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6138 | 1 Totolink | 2 T10, T10 Firmware | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4730 | 1 Totolink | 4 A3002r, A3002r Firmware, A3002ru and 1 more | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4731 | 1 Totolink | 4 A3002r, A3002r Firmware, A3002ru and 1 more | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type/ip_subnet leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4732 | 1 Totolink | 4 A3002r, A3002r Firmware, A3002ru and 1 more | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4733 | 1 Totolink | 4 A3002r, A3002r Firmware, A3002ru and 1 more | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5934 | 1 Netgear | 2 Ex3700, Ex3700 Firmware | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It has been classified as critical. Affected is the function sub_41619C of the file /mtd. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.0.98 is able to address this issue. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer. | |||||