Total
3395 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-41217 | 1 Justdan96 | 1 Tsmuxer | 2025-09-05 | N/A | 6.5 MEDIUM |
| A heap-based buffer overflow in tsMuxer version nightly-2024-05-10-02-00-45 allows attackers to cause Denial of Service (DoS) via a crafted MKV video file. | |||||
| CVE-2024-49777 | 1 Justdan96 | 1 Tsmuxer | 2025-09-05 | N/A | 8.8 HIGH |
| A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Denial of Service (DoS), Information Disclosure and Code Execution via a crafted MKV video file. | |||||
| CVE-2024-49778 | 1 Justdan96 | 1 Tsmuxer | 2025-09-05 | N/A | 8.8 HIGH |
| A heap-based buffer overflow in tsMuxer version nightly-2024-05-12-02-01-18 allows attackers to cause Denial of Service (DoS) and Code Execution via a crafted MOV video file. | |||||
| CVE-2024-32017 | 1 Riot-os | 1 Riot | 2025-09-04 | N/A | 9.8 CRITICAL |
| RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. The size check in the `gcoap_dns_server_proxy_get()` function contains a small typo that may lead to a buffer overflow in the subsequent `strcpy()`. In detail, the length of the `_uri` string is checked instead of the length of the `_proxy` string. The `_gcoap_forward_proxy_copy_options()` function does not implement an explicit size check before copying data to the `cep->req_etag` buffer that is `COAP_ETAG_LENGTH_MAX` bytes long. If an attacker can craft input so that `optlen` becomes larger than `COAP_ETAG_LENGTH_MAX`, they can cause a buffer overflow. If the input above is attacker-controlled and crosses a security boundary, the impact of the buffer overflow vulnerabilities could range from denial of service to arbitrary code execution. This issue has yet to be patched. Users are advised to add manual bounds checking. | |||||
| CVE-2024-41433 | 1 Pingcap | 1 Tidb | 2025-09-04 | N/A | 9.8 CRITICAL |
| PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the security impact of service interruption to other users. They argue that this is a complex query bug and not a DoS vulnerability. | |||||
| CVE-2025-9813 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument samba_userNameSda leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-9812 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-9783 | 1 Totolink | 2 A702r, A702r Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in TOTOLINK A702R 4.0.0-B20211108.1423. This issue affects the function sub_418030 of the file /boafrm/formParentControl. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-9779 | 1 Totolink | 2 A702r, A702r Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in TOTOLINK A702R 4.0.0-B20211108.1423. Affected by this vulnerability is the function sub_4162DC of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. | |||||
| CVE-2025-9780 | 1 Totolink | 2 A702r, A702r Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in TOTOLINK A702R 4.0.0-B20211108.1423. Affected by this issue is the function sub_419BE0 of the file /boafrm/formIpQoS. This manipulation of the argument mac causes buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. | |||||
| CVE-2025-9781 | 1 Totolink | 2 A702r, A702r Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in TOTOLINK A702R 4.0.0-B20211108.1423. This affects the function sub_4162DC of the file /boafrm/formFilter. Such manipulation of the argument ip6addr leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-9782 | 1 Totolink | 2 A702r, A702r Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK A702R 4.0.0-B20211108.1423. This vulnerability affects the function sub_4466F8 of the file /boafrm/formOneKeyAccessButton. Performing manipulation of the argument submit-url results in buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used. | |||||
| CVE-2024-31225 | 1 Riot-os | 1 Riot | 2025-09-04 | N/A | 8.3 HIGH |
| RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. The `_on_rd_init()` function does not implement a size check before copying data to the `_result_buf` static buffer. If an attacker can craft a long enough payload, they could cause a buffer overflow. If the unchecked input above is attacker-controlled and crosses a security boundary, the impact of the buffer overflow vulnerability could range from denial of service to arbitrary code execution. This issue has yet to be patched. Users are advised to add manual bounds checking. | |||||
| CVE-2025-55495 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-09-03 | N/A | 6.5 MEDIUM |
| Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. | |||||
| CVE-2025-4846 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-09-03 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MPUT Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-55613 | 1 Tenda | 2 O3, O3 Firmware | 2025-09-03 | N/A | 9.8 CRITICAL |
| Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter. | |||||
| CVE-2025-9443 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-02 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument new_account can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2023-38581 | 2 Intel, Microsoft | 2 Power Gadget, Windows | 2025-09-02 | N/A | 8.8 HIGH |
| Buffer overflow in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2010-10016 | 2025-09-02 | N/A | N/A | ||
| BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded in the playlist, allowing overwrite of Structured Exception Handler (SEH) records. The vulnerability is triggered upon opening a crafted playlist file and affects the Unicode parsing logic in the Windows client. | |||||
| CVE-2010-10017 | 2025-09-02 | N/A | N/A | ||
| WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation occurs locally when a user opens the malicious file, and the payload executes with the privileges of the current user. | |||||