Total
1728 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-26688 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-09 | N/A | 7.8 HIGH |
| Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-27481 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | N/A | 8.8 HIGH |
| Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-6073 | 2025-07-08 | N/A | 7.5 HIGH | ||
| Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer for username or password. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | |||||
| CVE-2025-6072 | 2025-07-08 | N/A | 7.5 HIGH | ||
| Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | |||||
| CVE-2023-44431 | 1 Bluez | 1 Bluez | 2025-07-08 | N/A | 8.0 HIGH |
| BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19909. | |||||
| CVE-2025-6857 | 1 Hdfgroup | 1 Hdf5 | 2025-07-08 | 1.7 LOW | 3.3 LOW |
| A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5G__node_cmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-35003 | 1 Apache | 1 Nuttx | 2025-07-08 | N/A | 9.8 CRITICAL |
| Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer Overflow vulnerabilities were discovered in Apache NuttX RTOS Bluetooth Stack (HCI and UART components) that may result in system crash, denial of service, or arbitrary code execution, after receiving maliciously crafted packets. NuttX's Bluetooth HCI/UART stack users are advised to upgrade to version 12.9.0, which fixes the identified implementation issues. This issue affects Apache NuttX: from 7.25 before 12.9.0. | |||||
| CVE-2025-40580 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2025-07-08 | N/A | 6.7 MEDIUM |
| A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to a stack-based buffer overflow. This could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition. | |||||
| CVE-2025-40579 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2025-07-08 | N/A | 6.7 MEDIUM |
| A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to a stack-based buffer overflow. This could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition. | |||||
| CVE-2025-6487 | 1 Totolink | 2 A3002r, A3002r Firmware | 2025-07-07 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been rated as critical. This issue affects the function formRoute of the file /boafrm/formRoute. The manipulation of the argument subnet leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6486 | 1 Totolink | 2 A3002r, A3002r Firmware | 2025-07-07 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been declared as critical. This vulnerability affects the function formWlanMultipleAP of the file /boafrm/formWlanMultipleAP. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-40412 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2025-07-07 | N/A | 6.8 MEDIUM |
| Tenda AX12 v1.0 v22.03.01.46 contains a stack overflow in the deviceList parameter of the sub_42E410 function. | |||||
| CVE-2025-50260 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-07-07 | N/A | 7.5 HIGH |
| Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter. | |||||
| CVE-2025-24328 | 2025-07-03 | N/A | 4.2 MEDIUM | ||
| Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later. The OAM service component restarts automatically after the stack overflow without causing a base station restart or network service degradation, and without leaving any permanent impact on the Nokia Single RAN baseband OAM service. | |||||
| CVE-2025-43025 | 2025-07-03 | N/A | N/A | ||
| HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.). | |||||
| CVE-2025-6302 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-07-02 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is the function setStaticDhcpConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Comment leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-24075 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-07-02 | N/A | 7.8 HIGH |
| Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-50528 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-07-01 | N/A | 7.3 HIGH |
| A buffer overflow vulnerability exists in the fromNatStaticSetting function of Tenda AC6 <=V15.03.05.19 via the page parameter. | |||||
| CVE-2025-6886 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-07-01 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6887 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-07-01 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||