Total
3708 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-31795 | 1 Color | 1 Iccdev | 2026-03-13 | N/A | 7.8 HIGH |
| iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow write in CIccXform3DLut::Apply() corrupting stack memory or crash. This vulnerability is fixed in 2.3.1.5. | |||||
| CVE-2026-30987 | 1 Color | 1 Iccdev | 2026-03-13 | N/A | 7.8 HIGH |
| iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow in CIccTagNum<>::GetValues() causing stack memory corruption or crash. This vulnerability is fixed in 2.3.1.5. | |||||
| CVE-2026-30985 | 1 Color | 1 Iccdev | 2026-03-13 | N/A | 7.8 HIGH |
| iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow write in CIccMatrixMath::SetRange() causing memory corruption or crash. This vulnerability is fixed in 2.3.1.5. | |||||
| CVE-2026-30983 | 1 Color | 1 Iccdev | 2026-03-13 | N/A | 7.8 HIGH |
| iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow in icFixXml() (strcpy) causing stack memory corruption or crash. This vulnerability is fixed in 2.3.1.5. | |||||
| CVE-2026-30981 | 1 Color | 1 Iccdev | 2026-03-13 | N/A | 6.1 MEDIUM |
| iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-buffer-overflow read in CIccXmlArrayType<>::DumpArray() causing out-of-bounds read and/or crash. This vulnerability is fixed in 2.3.1.5. | |||||
| CVE-2026-30979 | 1 Color | 1 Iccdev | 2026-03-13 | N/A | 7.8 HIGH |
| iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow in CIccCalculatorFunc::InitSelectOp() triggered with local user interaction causing memory corruption/crash. This vulnerability is fixed in 2.3.1.5. | |||||
| CVE-2026-32746 | 2026-03-13 | N/A | 9.8 CRITICAL | ||
| telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full. | |||||
| CVE-2025-71263 | 2026-03-13 | N/A | 7.4 HIGH | ||
| In UNIX Fourth Research Edition (v4), the su command is vulnerable to a buffer overflow due to the 'password' variable having a fixed size of 100 bytes. A local user can exploit this to gain root privileges. It is unlikely that UNIX v4 is running anywhere outside of a very small number of lab environments. | |||||
| CVE-2026-0110 | 1 Google | 1 Android | 2026-03-11 | N/A | 9.8 CRITICAL |
| In MM_DATA_IND of cn_NrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2026-22627 | 2026-03-11 | N/A | 8.8 HIGH | ||
| A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet. | |||||
| CVE-2026-3701 | 1 H3c | 2 Magic B1, Magic B1 Firmware | 2026-03-10 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-3698 | 1 Utt | 2 810g, 810g Firmware | 2026-03-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function strcpy of the file /goform/NTP. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used. | |||||
| CVE-2026-3699 | 1 Utt | 2 810g, 810g Firmware | 2026-03-10 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /goform/formRemoteControl. The manipulation results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-3700 | 1 Utt | 2 810g, 810g Firmware | 2026-03-10 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2026-3814 | 1 Utt | 2 810g, 810g Firmware | 2026-03-10 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-3815 | 1 Utt | 2 810g, 810g Firmware | 2026-03-10 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2025-46108 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | N/A | 9.8 CRITICAL |
| D-link Dir-513 A1FW110 is vulnerable to Buffer Overflow in the function formTcpipSetup. | |||||
| CVE-2026-24103 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-03-05 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability was discovered in goform/formSetMacFilterCfg in Tenda AC15V1.0 V15.03.05.18_multi. | |||||
| CVE-2026-20100 | 2026-03-05 | N/A | 7.7 HIGH | ||
| A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This does not affect the management or MUS interfaces. This vulnerability is due to trusting user input without validation in the LUA interprerter. An attacker could exploit this vulnerability by sending crafted HTTP packets to the Remote Access SSL VPN server. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. | |||||
| CVE-2026-24113 | 1 Tenda | 2 W20e, W20e Firmware | 2026-03-05 | N/A | 9.8 CRITICAL |
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr`. When this value is passed into the `getMibPrefix` function and concatenated using `sprintf` without proper size validation, it could lead to a buffer overflow vulnerability. | |||||