Total
3425 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-11338 | 1 Dlink | 2 Di-7100g C1, Di-7100g C1 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2025-11339 | 1 Dlink | 2 Di-7100g C1, Di-7100g C1 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-11408 | 1 Dlink | 2 Di-7001mini-8g, Di-7001mini-8g Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in D-Link DI-7001 MINI 24.04.18B1. The affected element is an unknown function of the file /dbsrv.asp. Such manipulation of the argument str leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-46776 | 2025-11-19 | N/A | 6.4 MEDIUM | ||
| A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands. | |||||
| CVE-2025-13400 | 2025-11-19 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was detected in Tenda CH22 1.0.0.1. Affected is the function formWrlExtraGet of the file /goform/WrlExtraGet. Performing manipulation of the argument chkHz results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. | |||||
| CVE-2025-9458 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2025-11-19 | N/A | 7.8 HIGH |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2025-13258 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. | |||||
| CVE-2025-13288 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in Tenda CH22 1.0.0.1. This impacts the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-13304 | 2025-11-18 | 9.0 HIGH | 8.8 HIGH | ||
| A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-13305 | 2025-11-18 | 9.0 HIGH | 8.8 HIGH | ||
| A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2018-25125 | 2025-11-18 | N/A | N/A | ||
| Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument causes the service, and in practice the router, to crash or become unresponsive, resulting in a loss of availability for the device and connected users. | |||||
| CVE-2025-36553 | 2025-11-18 | N/A | 8.8 HIGH | ||
| A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. | |||||
| CVE-2025-32089 | 2025-11-18 | N/A | 8.8 HIGH | ||
| A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this vulnerability. | |||||
| CVE-2025-37891 | 1 Linux | 1 Linux Kernel | 2025-11-17 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as it was supposed to be the max size for a MIDI1 UMP packet data. However, the implementation overlooked that SysEx is handled in a different format, and it can be up to 6 bytes, as found in do_convert_to_ump(). It leads eventually to a buffer overflow, and may corrupt the memory when a longer SysEx message is received. The fix is simply to extend the buffer size to 6 to fit with the SysEx UMP message. | |||||
| CVE-2025-37939 | 1 Linux | 1 Linux Kernel | 2025-11-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext core_relo header Update btf_ext_parse_info() to ensure the core_relo header is present before reading its fields. This avoids a potential buffer read overflow reported by the OSS Fuzz project. | |||||
| CVE-2025-64182 | 2025-11-14 | N/A | N/A | ||
| OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter (the deprecated OpenEXR.InputFile wrapper) allow crashes and likely code execution when opening attacker-controlled EXR files or when passing crafted Python objects. Integer overflow and unchecked allocation in InputFile.channel() and InputFile.channels() can lead to heap overflow (32 bit) or a NULL deref (64 bit). Versions 3.2.5, 3.3.6, and 3.4.3 contain a patch for the issue. | |||||
| CVE-2025-63679 | 2025-11-14 | N/A | 9.8 CRITICAL | ||
| free5gc v4.1.0 and before is vulnerable to Buffer Overflow. When AMF receives an UplinkRANConfigurationTransfer NGAP message from a gNB, the AMF process crashes. | |||||
| CVE-2025-10942 | 2025-11-14 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was identified in H3C Magic B3 up to 100R002. This affects the function AddMacList/EditMacList of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-6634 | 1 Autodesk | 1 3ds Max | 2025-11-13 | N/A | 7.8 HIGH |
| A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2025-12440 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-11-13 | N/A | 5.3 MEDIUM |
| Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low) | |||||