Total
12715 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-11120 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-03 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in Tenda AC8 16.03.34.06. The affected element is the function formSetServerConfig of the file /goform/SetServerConfig. Executing manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-11117 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-03 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formWrlExtraGet of the file /goform/GstDhcpSetSer. This manipulation of the argument dips causes buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2024-42442 | 1 Ami | 1 Aptio V | 2025-10-02 | N/A | 7.2 HIGH |
| APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode. | |||||
| CVE-2024-33658 | 1 Ami | 1 Aptio V | 2025-10-02 | N/A | 7.8 HIGH |
| APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and impact Integrity. | |||||
| CVE-2023-42906 | 2025-10-01 | N/A | 7.8 HIGH | ||
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | |||||
| CVE-2025-7207 | 1 Mruby | 1 Mruby | 2025-10-01 | 1.7 LOW | 3.3 LOW |
| A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scope_new of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is 1fdd96104180cc0fb5d3cb086b05ab6458911bb9. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2025-6566 | 1 Oatpp | 1 Oat\+\+ | 2025-10-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in oatpp Oat++ up to 1.3.1. It has been declared as critical. This vulnerability affects the function deserializeArray of the file src/oatpp/json/Deserializer.cpp. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-10773 | 1 Lb-link | 2 Bl-ac2100, Bl-ac2100 Firmware | 2025-09-30 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in B-Link BL-AC2100 up to 1.0.3. Affected by this issue is the function delshrpath of the file /goform/set_delshrpath_cfg of the component Web Management Interface. The manipulation of the argument Type results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-10559 | 1 Razormist | 1 Airport Booking Management System | 2025-09-30 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by this issue is the function Details. The manipulation of the argument passport/name leads to buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2025-43277 | 1 Apple | 1 Macos | 2025-09-29 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.8. Processing a maliciously crafted audio file may lead to memory corruption. | |||||
| CVE-2025-3548 | 1 Assimp | 1 Assimp | 2025-09-29 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2025-9938 | 1 Dlink | 2 Di-8400, Di-8400 Firmware | 2025-09-29 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in D-Link DI-8400 16.07.26A1. The affected element is the function yyxz_dlink_asp of the file /yyxz.asp. This manipulation of the argument ID causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-10034 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2025-09-29 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat of the file ping6_response.cg of the component httpd. Performing manipulation of the argument ping6_ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-10997 | 1 Openbabel | 1 Open Babel | 2025-09-29 | 4.3 MEDIUM | 5.3 MEDIUM |
| A flaw has been found in Open Babel up to 3.1.1. Impacted is the function ChemKinFormat::CheckSpecies of the file /src/formats/chemkinformat.cpp. Executing manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. | |||||
| CVE-2025-10996 | 1 Openbabel | 1 Open Babel | 2025-09-29 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used. | |||||
| CVE-2025-10995 | 1 Openbabel | 1 Open Babel | 2025-09-29 | 4.3 MEDIUM | 5.3 MEDIUM |
| A security vulnerability has been detected in Open Babel up to 3.1.1. This vulnerability affects the function zlib_stream::basic_unzip_streambuf::underflow in the library /src/zipstreamimpl.h. Such manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-10994 | 1 Openbabel | 1 Open Babel | 2025-09-29 | 4.3 MEDIUM | 5.3 MEDIUM |
| A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2024-56438 | 1 Huawei | 2 Emui, Harmonyos | 2025-09-26 | N/A | 6.0 MEDIUM |
| Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-10942 | 2025-09-26 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was identified in H3C Magic B3 up to 100R002. This affects the function AddMacList of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-10953 | 2025-09-26 | 9.0 HIGH | 8.8 HIGH | ||
| A security vulnerability has been detected in UTT 1200GW and 1250GW up to 3.0.0-170831/3.2.2-200710. This vulnerability affects unknown code of the file /goform/formApMail. The manipulation of the argument senderEmail leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||