Total
12136 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-45789 | 1 Totolink | 2 A3100r, A3100r Firmware | 2025-05-16 | N/A | 9.8 CRITICAL |
| TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow via the urlKeyword parameter in setParentalRules. | |||||
| CVE-2025-45790 | 1 Totolink | 2 A3100r, A3100r Firmware | 2025-05-16 | N/A | 9.8 CRITICAL |
| TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the priority parameter in the setMacQos interface of /lib/cste_modules/firewall.so. | |||||
| CVE-2025-45797 | 1 Totolink | 2 A950rg, A950rg Firmware | 2025-05-16 | N/A | 9.8 CRITICAL |
| TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so. | |||||
| CVE-2025-4471 | 1 Fabianros | 1 Jewellery Store Management System | 2025-05-16 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in code-projects Jewelery Store Management system 1.0. Affected by this issue is some unknown functionality of the component Search Item View. The manipulation of the argument str2 leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4472 | 1 Fabianros | 1 Departmental Store Management System | 2025-05-16 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4480 | 1 Fabianros | 1 Simple College Management System | 2025-05-16 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-29222 | 2025-05-16 | N/A | 6.1 MEDIUM | ||
| Out-of-bounds write for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2025-4640 | 2025-05-16 | N/A | N/A | ||
| Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib. | |||||
| CVE-2024-55569 | 2025-05-16 | N/A | 7.5 HIGH | ||
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The lack of a length check leads to out-of-bounds writes. | |||||
| CVE-2025-4500 | 1 Code-projects | 1 Hotel Management System | 2025-05-16 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in code-projects Hotel Management System 1.0. Affected by this issue is the function Edit of the component Edit Room. The manipulation of the argument roomnumber leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4059 | 1 Code-projects | 1 Prison Management System | 2025-05-15 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component Prison_Mgmt_Sys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-25447 | 1 Enlightenment | 1 Imlib2 | 2025-05-15 | N/A | 8.8 HIGH |
| An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image. | |||||
| CVE-2024-25004 | 1 9bis | 1 Kitty | 2025-05-15 | N/A | 7.8 HIGH |
| KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the username, occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution. | |||||
| CVE-2024-24543 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-05-15 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data. | |||||
| CVE-2024-23978 | 1 Kddi | 2 Home Spot Cube 2, Home Spot Cube 2 Firmware | 2025-05-15 | N/A | 9.8 CRITICAL |
| Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported. | |||||
| CVE-2024-22852 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2025-05-15 | N/A | 9.8 CRITICAL |
| D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload. | |||||
| CVE-2024-22667 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2025-05-15 | N/A | 7.8 HIGH |
| Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. | |||||
| CVE-2024-20813 | 1 Samsung | 1 Android | 2025-05-15 | N/A | 8.4 HIGH |
| Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2024-20812 | 1 Samsung | 1 Android | 2025-05-15 | N/A | 8.4 HIGH |
| Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2024-20007 | 2 Google, Mediatek | 34 Android, Mt6580, Mt6739 and 31 more | 2025-05-15 | N/A | 7.5 HIGH |
| In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369. | |||||