Total
1731 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40484 | 1 Nemetschek | 1 Cinema 4d | 2025-05-27 | N/A | 7.8 HIGH |
| Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21432. | |||||
| CVE-2023-40485 | 1 Nemetschek | 1 Cinema 4d | 2025-05-27 | N/A | 7.8 HIGH |
| Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21433. | |||||
| CVE-2025-45514 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-05-27 | N/A | 6.5 MEDIUM |
| Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.frmL7ImForm. | |||||
| CVE-2025-4810 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2025-05-24 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboot_time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4809 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2025-05-24 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function fromSafeSetMacFilter of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-45862 | 1 Totolink | 2 A3002r, A3002r Firmware | 2025-05-24 | N/A | 6.5 MEDIUM |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface. | |||||
| CVE-2025-45513 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-05-24 | N/A | 9.8 CRITICAL |
| Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter. | |||||
| CVE-2025-4544 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-05-22 | 6.8 MEDIUM | 6.6 MEDIUM |
| A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument def_max/def_time/def_tcp_max/def_tcp_time/def_udp_max/def_udp_time/def_icmp_max leads to stack-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. | |||||
| CVE-2025-40634 | 2025-05-21 | N/A | N/A | ||
| Stack-based buffer overflow vulnerability in the 'conn-indicator' binary running as root on the TP-Link Archer AX50 router, in firmware versions prior to 1.0.15 build 241203 rel61480. This vulnerability allows an attacker to execute arbitrary code on the device over LAN and WAN networks. | |||||
| CVE-2025-41426 | 2025-05-21 | N/A | 9.8 CRITICAL | ||
| Affected Vertiv products contain a stack based buffer overflow vulnerability. An attacker could exploit this vulnerability to gain code execution on the device. | |||||
| CVE-2025-4883 | 1 Dlink | 2 Di-8100g, Di-8100g Firmware | 2025-05-21 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp of the file /ctxz.asp of the component Connection Limit Page. The manipulation of the argument def/defTcp/defUdp/defIcmp/defOther leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4890 | 1 Fabianros | 1 Tourism Management System | 2025-05-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1876 | 1 Dlink | 2 Dap-1562, Dap-1562 Firmware | 2025-05-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function http_request_parse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-44674 | 1 Dlink | 2 Covr-2600r, Covr-2600r Firmware | 2025-05-21 | N/A | 5.7 MEDIUM |
| D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src. | |||||
| CVE-2024-44589 | 1 Dlink | 2 Dcs-960l, Dcs-960l Firmware | 2025-05-21 | N/A | 8.8 HIGH |
| Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with firmware 1.09 allows attackers to execute of arbitrary code. | |||||
| CVE-2024-33772 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2025-05-21 | N/A | 5.7 MEDIUM |
| A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter "curTime." | |||||
| CVE-2024-47939 | 2025-05-21 | N/A | 7.7 HIGH | ||
| Stack-based buffer overflow vulnerability exists in multiple laser printers and MFPs which implement Ricoh Web Image Monitor. If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. As for the details of affected product names and versions, refer to the information provided by the vendors under [References]. | |||||
| CVE-2025-30421 | 1 Ni | 1 Circuit Design Suite | 2025-05-20 | N/A | 7.8 HIGH |
| There is a memory corruption vulnerability due to a stack-based buffer overflow in DrObjectStorage::XML_Serialize() when using the SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions. | |||||
| CVE-2025-47760 | 1 Fujielectric | 1 Monitouch V-sft | 2025-05-19 | N/A | 7.8 HIGH |
| V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution. | |||||
| CVE-2025-47759 | 1 Fujielectric | 1 Monitouch V-sft | 2025-05-19 | N/A | 7.8 HIGH |
| V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution. | |||||