Total
3395 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37184 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2025-08-21 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the adm.cgi rep_as_bridge() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-37357 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2025-08-21 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the adm.cgi set_TR069() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-36290 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2025-08-21 | N/A | 10.0 CRITICAL |
| A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-36272 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2025-08-21 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the usbip.cgi set_info() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-39288 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2025-08-21 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-39294 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2025-08-21 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the adm.cgi set_wzdgw4G() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-39299 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2025-08-21 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the qos.cgi qos_sta_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2025-55499 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-08-21 | N/A | 6.5 MEDIUM |
| Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function. | |||||
| CVE-2024-39358 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2025-08-21 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the adm.cgi set_wzap() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-39370 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2025-08-21 | N/A | 9.1 CRITICAL |
| An arbitrary code execution vulnerability exists in the adm.cgi set_MeshAp() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2025-5048 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2025-08-20 | N/A | 7.8 HIGH |
| A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2024-53013 | 1 Qualcomm | 120 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 117 more | 2025-08-20 | N/A | 6.6 MEDIUM |
| Memory corruption may occur while processing voice call registration with user. | |||||
| CVE-2025-8019 | 1 Szlbt | 2 Lbt-t300-t310, Lbt-t300-t310 Firmware | 2025-08-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulation of the argument wan_proto leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7077 | 1 Szlbt | 2 Lbt-t300-t310, Lbt-t300-t310 Firmware | 2025-08-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6. This affects the function config_3g_para of the file /appy.cgi. The manipulation of the argument username_3g/password_3g leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-40536 | 1 Szlbt | 2 Lbt-t300-t400, Lbt-t300-t400 Firmware | 2025-08-20 | N/A | 5.3 MEDIUM |
| Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin_3g_code parameter in the config_3g_para function. | |||||
| CVE-2024-39181 | 1 Szlbt | 2 Lbt-t300-t400, Lbt-t300-t400 Firmware | 2025-08-20 | N/A | 6.5 MEDIUM |
| Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a buffer overflow via the ApCliSsid parameter in thegenerate_conf_router() function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-32324 | 1 Szlbt | 2 Lbt-t300-t400, Lbt-t300-t400 Firmware | 2025-08-20 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v.3.2 allows a local attacker to execute arbitrary code via the vpn_client_ip variable of the config_vpn_pptp function in rc program. | |||||
| CVE-2025-46785 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2025-08-19 | N/A | 6.5 MEDIUM |
| Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-8940 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-08-19 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this vulnerability is the function strcpy of the file /goform/saveParentControlInfo. The manipulation of the argument Time leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8939 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-08-19 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||