Export limit exceeded: 349920 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21918 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21918 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50695 | 1 Sungrowpower | 2 Winet-s, Winet-s Firmware | 2025-05-29 | 9.8 Critical |
| SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks. | ||||
| CVE-2024-50697 | 1 Sungrowpower | 2 Winet-s, Winet-s Firmware | 2025-05-29 | 8.1 High |
| In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow. | ||||
| CVE-2025-1110 | 1 Gitlab | 1 Gitlab | 2025-05-29 | 2.7 Low |
| An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query. | ||||
| CVE-2025-44884 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the web_sys_infoContact_post function. | ||||
| CVE-2025-44885 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip parameter in the web_snmpv3_remote_engineId_add_post function. | ||||
| CVE-2025-44886 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function. | ||||
| CVE-2025-44887 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in the web_radiusSrv_post function. | ||||
| CVE-2025-44888 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name parameter in the web_stp_globalSetting_post function. | ||||
| CVE-2025-44890 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_notifyv3_add_post function. | ||||
| CVE-2025-44883 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function. | ||||
| CVE-2025-44891 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function. | ||||
| CVE-2025-44894 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parameter in the web_radiusSrv_dftParam_post function. | ||||
| CVE-2025-44896 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName parameter in the web_acl_bindEdit_post function. | ||||
| CVE-2025-44897 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip parameter in the web_tool_upgradeManager_post function. | ||||
| CVE-2025-44898 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | 9.8 Critical |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function. | ||||
| CVE-2024-23613 | 1 Broadcom | 1 Symantec Deployment Solutions | 2025-05-29 | 10 Critical |
| A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. | ||||
| CVE-2024-23615 | 1 Broadcom | 1 Symantec Messaging Gateway | 2025-05-29 | 10 Critical |
| A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root. | ||||
| CVE-2024-0926 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2025-05-29 | 4.7 Medium |
| A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252131. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-0927 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2025-05-29 | 4.7 Medium |
| A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252132. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-0929 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2025-05-29 | 4.7 Medium |
| A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Affected by this issue is the function fromNatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252134 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||