Total
3335 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4344 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-05-12 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-49830 | 1 Qualcomm | 24 Qca6574au, Qca6574au Firmware, Qca6595au and 21 more | 2025-05-09 | N/A | 6.6 MEDIUM |
| Memory corruption while processing an IOCTL call to set mixer controls. | |||||
| CVE-2024-49829 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-05-09 | N/A | 6.7 MEDIUM |
| Memory corruption can occur during context user dumps due to inadequate checks on buffer length. | |||||
| CVE-2025-25052 | 1 Openatom | 1 Openharmony | 2025-05-09 | N/A | 3.3 LOW |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow. | |||||
| CVE-2022-25687 | 1 Qualcomm | 362 Apq8009, Apq8009 Firmware, Apq8009w and 359 more | 2025-05-09 | N/A | 7.3 HIGH |
| memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2024-1755 | 1 Computy | 1 Nps Computy | 2025-05-08 | N/A | 8.8 HIGH |
| The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks | |||||
| CVE-2025-28221 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-05-08 | N/A | 7.5 HIGH |
| Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the set_local_time function, which allows remote attackers to cause web server crash via parameter time passed to the binary through a POST request. | |||||
| CVE-2024-12194 | 1 Autodesk | 1 Navisworks | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2024-12178 | 1 Autodesk | 1 Navisworks | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2021-42553 | 1 St | 1 Stm32 Mw Usb Host | 2025-05-07 | N/A | 6.8 MEDIUM |
| A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated when using a RTOS such as FreeRTOS on STM32 MCUs. | |||||
| CVE-2024-58106 | 1 Huawei | 1 Harmonyos | 2025-05-07 | N/A | 4.6 MEDIUM |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-58107 | 1 Huawei | 1 Harmonyos | 2025-05-07 | N/A | 7.5 HIGH |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-58108 | 1 Huawei | 1 Harmonyos | 2025-05-07 | N/A | 4.6 MEDIUM |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-58109 | 1 Huawei | 1 Harmonyos | 2025-05-07 | N/A | 4.6 MEDIUM |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-58110 | 1 Huawei | 1 Harmonyos | 2025-05-07 | N/A | 4.6 MEDIUM |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-3988 | 1 Totolink | 2 N150rt, N150rt Firmware | 2025-05-07 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. Affected is an unknown function of the file /boafrm/formPortFw. The manipulation of the argument service_type leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-25662 | 1 Tenda | 2 O4, O4 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| Tenda O4 V3.0 V1.0.0.10(2936) is vulnerable to Buffer Overflow in the function SafeSetMacFilter of the file /goform/setMacFilterList via the argument remark/type/time. | |||||
| CVE-2025-3148 | 1 Code-projects | 1 Product Management System | 2025-05-07 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in codeprojects Product Management System 1.0 and classified as problematic. This issue affects some unknown processing of the component Login. The manipulation of the argument Str1 leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-50996 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-07 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51003 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-07 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||