Total
1738 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36337 | 1 Insyde | 1 Kernel | 2025-04-25 | N/A | 8.2 HIGH |
| An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code. | |||||
| CVE-2025-22911 | 1 Edimax | 2 Re11s, Re11s Firmware | 2025-04-23 | N/A | 5.6 MEDIUM |
| RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the formiNICbasicREP function. | |||||
| CVE-2025-22903 | 1 Totolink | 2 N600r, N600r Firmware | 2025-04-22 | N/A | 4.6 MEDIUM |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the pin parameter in the function setWiFiWpsConfig. | |||||
| CVE-2025-22900 | 1 Totolink | 2 N600r, N600r Firmware | 2025-04-22 | N/A | 9.8 CRITICAL |
| Totolink N600R v4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macCloneMac parameter in the setWanConfig function. | |||||
| CVE-2025-25457 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-04-22 | N/A | 7.5 HIGH |
| Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via cloneType2. | |||||
| CVE-2025-25454 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-04-22 | N/A | 7.5 HIGH |
| Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanSpeed2. | |||||
| CVE-2025-25455 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-04-22 | N/A | 7.5 HIGH |
| Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanMTU2. | |||||
| CVE-2024-20130 | 2 Google, Mediatek | 30 Android, Mt6739, Mt6761 and 27 more | 2025-04-22 | N/A | 6.7 MEDIUM |
| In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09193374; Issue ID: MSV-1982. | |||||
| CVE-2024-27655 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-04-21 | N/A | 8.8 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. | |||||
| CVE-2024-27656 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-04-21 | N/A | 8.8 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. | |||||
| CVE-2024-27657 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-04-21 | N/A | 8.8 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. | |||||
| CVE-2025-0438 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 8.8 HIGH |
| Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2017-12188 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 6.9 MEDIUM | 7.8 HIGH |
| arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun." | |||||
| CVE-2024-29164 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.8 CRITICAL |
| HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_heap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2024-54808 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-17 | N/A | 9.8 CRITICAL |
| Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution. | |||||
| CVE-2024-54809 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-17 | N/A | 9.8 CRITICAL |
| Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is determined based on the input specified. By sending a specially crafted packet, an attacker can take control of the program counter and hijack control flow of the program to execute arbitrary system commands. | |||||
| CVE-2024-25391 | 1 Rt-thread | 1 Rt-thread | 2025-04-16 | N/A | 8.4 HIGH |
| A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2. | |||||
| CVE-2024-25393 | 1 Rt-thread | 1 Rt-thread | 2025-04-16 | N/A | 9.8 CRITICAL |
| A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2. | |||||
| CVE-2025-3588 | 2025-04-15 | 4.3 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2. This issue affects the function apply of the file org/jsonschema2pojo/rules/SchemaRule.java of the component JSON File Handler. The manipulation leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-57440 | 1 Dlink | 2 Dsl-3788, Dsl-3788 Firmware | 2025-04-15 | N/A | 7.5 HIGH |
| D-Link DSL-3788 revA1 1.01R1B036_EU_EN is vulnerable to Buffer Overflow via the COMM_MAKECustomMsg function of the webproc cgi | |||||