Export limit exceeded: 349467 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21879 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5734 | 1 Totolink | 2 X15, X15 Firmware | 2025-06-23 | 8.8 High |
| A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-46035 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-06-23 | 7.5 High |
| Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint | ||||
| CVE-2024-24736 | 1 Ypopsemail | 1 Ypops\! | 2025-06-20 | 7.5 High |
| The POP3 service in YahooPOPs (aka YPOPs!) 1.6 allows a remote denial of service (reboot) via a long string to TCP port 110, a related issue to CVE-2004-1558. | ||||
| CVE-2021-42144 | 1 Contiki-ng | 1 Contiki-ng Tinydtls | 2025-06-20 | 7.5 High |
| Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtls_ccm_decrypt_message(). | ||||
| CVE-2024-22957 | 1 Swftools | 1 Swftools | 2025-06-20 | 5.5 Medium |
| swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190. | ||||
| CVE-2024-38951 | 1 Dronecode | 1 Px4 Drone Autopilot | 2025-06-20 | 6.5 Medium |
| A buffer overflow in PX4-Autopilot v1.12.3 allows attackers to cause a Denial of Service (DoS) via a crafted MavLink message. | ||||
| CVE-2024-38952 | 1 Dronecode | 1 Px4 Drone Autopilot | 2025-06-20 | 7.5 High |
| PX4-Autopilot v1.14.3 was discovered to contain a buffer overflow via the topic_name parameter at /logger/logged_topics.cpp. | ||||
| CVE-2024-54887 | 1 Tp-link | 2 Tl-wr940n, Tl-wr940n Firmware | 2025-06-20 | 8 High |
| TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user. | ||||
| CVE-2023-48347 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48344 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48341 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2024-40427 | 1 Dronecode | 1 Px4 Drone Autopilot | 2025-06-20 | 7.9 High |
| Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute | ||||
| CVE-2024-22058 | 1 Ivanti | 1 Endpoint Manager | 2025-06-20 | N/A |
| A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older. | ||||
| CVE-2025-25900 | 1 Tp-link | 2 Tl-wr841nd V11, Tl-wr841nd V11 Firmware | 2025-06-20 | 4.9 Medium |
| A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at /userRpm/PPPoEv6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | ||||
| CVE-2023-49236 | 1 Trendnet | 2 Tv-ip1314pi, Tv-ip1314pi Firmware | 2025-06-20 | 9.8 Critical |
| A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci. | ||||
| CVE-2023-47993 | 1 Freeimage Project | 1 Freeimage | 2025-06-20 | 6.5 Medium |
| A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service. | ||||
| CVE-2023-42862 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-06-20 | 6.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. | ||||
| CVE-2023-36629 | 1 St | 1 St54-android-packages-apps-nfc | 2025-06-20 | 5.5 Medium |
| The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read. | ||||
| CVE-2025-6130 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-20 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6138 | 1 Totolink | 2 T10, T10 Firmware | 2025-06-20 | 8.8 High |
| A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||