Vulnerabilities (CVE)

Filtered by CWE-787
Total 11665 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-22391 2 Fedoraproject, Grassroots Dicom Project 2 Fedora, Grassroots Dicom 2025-08-21 N/A 7.7 HIGH
A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2024-22373 2 Fedoraproject, Grassroots Dicom Project 2 Fedora, Grassroots Dicom 2025-08-21 N/A 8.1 HIGH
An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2023-49913 1 Tp-link 4 Eap115, Eap115 Firmware, Eap225 and 1 more 2025-08-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x422448` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
CVE-2023-49912 1 Tp-link 4 Eap115, Eap115 Firmware, Eap225 and 1 more 2025-08-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x4224b0` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
CVE-2023-49911 1 Tp-link 4 Eap115, Eap115 Firmware, Eap225 and 1 more 2025-08-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x422420` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
CVE-2023-49910 1 Tp-link 4 Eap115, Eap115 Firmware, Eap225 and 1 more 2025-08-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x42247c` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
CVE-2023-49909 1 Tp-link 2 Eap225, Eap225 Firmware 2025-08-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x0045ab38` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
CVE-2023-49908 1 Tp-link 2 Eap225, Eap225 Firmware 2025-08-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x0045abc8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
CVE-2023-49907 1 Tp-link 4 Eap115, Eap115 Firmware, Eap225 and 1 more 2025-08-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x0045aad8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
CVE-2023-49906 1 Tp-link 2 Eap225, Eap225 Firmware 2025-08-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x0045ab7c` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
CVE-2023-48724 1 Tp-link 2 Eap225, Eap225 Firmware 2025-08-21 N/A 7.5 HIGH
A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device's web interface. An attacker can send an unauthenticated HTTP POST request to trigger this vulnerability.
CVE-2025-9088 1 Tenda 2 Ac20, Ac20 Firmware 2025-08-21 9.0 HIGH 8.8 HIGH
A vulnerability was found in Tenda AC20 16.03.08.12. This vulnerability affects the function save_virtualser_data of the file /goform/formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-21441 1 Qualcomm 98 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 95 more 2025-08-20 N/A 7.8 HIGH
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
CVE-2025-21440 1 Qualcomm 98 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 95 more 2025-08-20 N/A 7.8 HIGH
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
CVE-2025-54627 1 Huawei 1 Harmonyos 2025-08-20 N/A 8.8 HIGH
Out-of-bounds write vulnerability in the skia module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-27907 1 Siemens 1 Simcenter Femap 2025-08-20 N/A 7.8 HIGH
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22051)
CVE-2025-40762 1 Siemens 1 Simcenter Femap 2025-08-20 N/A 7.8 HIGH
A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted STP file. This could allow an attacker to execute code in the context of the current process.(ZDI-CAN-26692)
CVE-2025-4877 2025-08-20 N/A 4.5 MEDIUM
There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash() function. In such cases the bin_to_base64() function can experience an integer overflow leading to a memory under allocation, when that happens it's possible that the program perform out of bounds write leading to a heap corruption. This issue affects only 32-bits builds of libssh.
CVE-2025-0144 1 Zoom 7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more 2025-08-20 N/A 3.1 LOW
Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.
CVE-2025-2900 1 Ibm 1 Semeru Runtime 2025-08-19 N/A 7.5 HIGH
IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation.