Vulnerabilities (CVE)

Filtered by CWE-119
Total 13631 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-2619 1 Dlink 2 Dap-1620, Dap-1620 Firmware 2026-06-17 10.0 HIGH 9.8 CRITICAL
A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function check_dws_cookie of the file /storage of the component Cookie Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-2618 1 Dlink 2 Dap-1620, Dap-1620 Firmware 2026-06-17 10.0 HIGH 9.8 CRITICAL
A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function set_ws_action of the file /dws/api/ of the component Path Handler. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-2592 1 Assimp 1 Assimp 2026-06-17 7.5 HIGH 6.3 MEDIUM
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named 2690e354da0c681db000cfd892a55226788f2743. It is recommended to apply a patch to fix this issue.
CVE-2025-2584 1 Webassembly 1 Wabt 2026-06-17 5.1 MEDIUM 5.0 MEDIUM
A vulnerability was found in WebAssembly wabt 1.0.36. It has been declared as critical. This vulnerability affects the function BinaryReaderInterp::GetReturnCallDropKeepCount of the file wabt/src/interp/binary-reader-interp.cc. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
CVE-2025-2521 2026-06-17 N/A 8.6 HIGH
The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to an Overread Buffers, which could result in improper index validation against buffer borders leading to remote code execution. Honeywell recommends updating to the most recent version of Honeywell Experion PKS: 520.2 TCU9 HF1 and 530.1 TCU3 HF1 and OneWireless: 322.5 and 331.1. The affected Experion PKS products are C300 PCNT02, C300 PCNT05, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E. The Experion PKS versions affected are from 520.1 through 520.2 TCU9 and from 530 through 530 TCU3.The OneWireless WDM affected versions are 322.1 through 322.4 and 330.1 through 330.3.
CVE-2025-2401 2026-06-17 N/A N/A
Buffer overflow vulnerability in Immunity Debugger affecting version 1.85, its exploitation could allow a local attacker to execute arbitrary code, due to the lack of proper boundary checking.
CVE-2025-2370 1 Totolink 2 Ex1800t, Ex1800t Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliSsid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-2369 1 Totolink 2 Ex1800t, Ex1800t Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-2368 1 Webassembly 1 Wabt 2026-06-17 7.5 HIGH 6.3 MEDIUM
A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
CVE-2025-2357 1 Offis 1 Dcmtk 2026-06-17 7.5 HIGH 6.3 MEDIUM
A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue.
CVE-2025-2338 1 Matio Project 1 Matio 2026-06-17 7.5 HIGH 6.3 MEDIUM
A vulnerability, which was classified as critical, was found in tbeu matio 1.5.28. Affected is the function strdup_vprintf of the file src/io.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-2337 1 Matio Project 1 Matio 2026-06-17 7.5 HIGH 6.3 MEDIUM
A vulnerability, which was classified as critical, has been found in tbeu matio 1.5.28. This issue affects the function Mat_VarPrint of the file src/mat.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-2310 1 Hdfgroup 1 Hdf5 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.
CVE-2025-2309 1 Hdfgroup 1 Hdf5 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.
CVE-2025-2308 1 Hdfgroup 1 Hdf5 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Z__scaleoffset_decompress_one_byte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.
CVE-2025-2153 1 Hdfgroup 1 Hdf5 2026-06-17 5.1 MEDIUM 5.0 MEDIUM
A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
CVE-2025-2152 1 Assimp 1 Assimp 2026-06-17 7.5 HIGH 6.3 MEDIUM
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-2151 1 Assimp 1 Assimp 2026-06-17 7.5 HIGH 6.3 MEDIUM
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-2148 1 Linuxfoundation 1 Pytorch 2026-06-17 5.1 MEDIUM 5.0 MEDIUM
A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler._call_end_callbacks_on_jit_fut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult.
CVE-2025-2097 1 Totolink 2 Ex1800t, Ex1800t Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument loginpass leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.