Total
3556 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-28164 | 2026-01-28 | N/A | 5.5 MEDIUM | ||
| Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function. | |||||
| CVE-2026-1420 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2026-01-28 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda AC23 16.03.07.52. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of the argument wpapsk_crypto causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. | |||||
| CVE-2025-14187 | 2026-01-28 | 8.3 HIGH | 7.2 HIGH | ||
| A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. Executing a manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. It is recommended to upgrade the affected component. | |||||
| CVE-2026-24793 | 2026-01-27 | N/A | N/A | ||
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in azerothcore azerothcore-wotlk (deps/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects azerothcore-wotlk: through v4.0.0. | |||||
| CVE-2020-36940 | 2026-01-27 | N/A | 9.8 CRITICAL | ||
| Easy CD & DVD Cover Creator 4.13 contains a buffer overflow vulnerability in the serial number input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the serial number field to trigger an application crash. | |||||
| CVE-2025-47334 | 1 Qualcomm | 292 Csra6620, Csra6620 Firmware, Csra6640 and 289 more | 2026-01-27 | N/A | 6.7 MEDIUM |
| Memory corruption while processing shared command buffer packet between camera userspace and kernel. | |||||
| CVE-2025-47335 | 1 Qualcomm | 90 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 87 more | 2026-01-27 | N/A | 6.7 MEDIUM |
| Memory corruption while parsing clock configuration data for a specific hardware type. | |||||
| CVE-2025-47321 | 1 Qualcomm | 230 Ar8031, Ar8031 Firmware, Ar8035 and 227 more | 2026-01-27 | N/A | 7.8 HIGH |
| Memory corruption while copying packets received from unix clients. | |||||
| CVE-2025-47388 | 1 Qualcomm | 90 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 87 more | 2026-01-27 | N/A | 7.8 HIGH |
| Memory corruption while passing pages to DSP with an unaligned starting address. | |||||
| CVE-2025-47394 | 1 Qualcomm | 90 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 87 more | 2026-01-27 | N/A | 7.8 HIGH |
| Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations. | |||||
| CVE-2026-24800 | 2026-01-27 | N/A | N/A | ||
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in tildearrow furnace (extern/zlib modules). This vulnerability is associated with program files inflate.C. | |||||
| CVE-2026-24810 | 2026-01-27 | N/A | N/A | ||
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb (src/cjson modules). This vulnerability is associated with program files cJSON.Cc. This issue affects rethinkdb: through v2.4.4. | |||||
| CVE-2026-24799 | 2026-01-27 | N/A | N/A | ||
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in davisking dlib (dlib/external/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9. | |||||
| CVE-2026-24344 | 2026-01-27 | N/A | N/A | ||
| Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution | |||||
| CVE-2026-24823 | 2026-01-27 | N/A | N/A | ||
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FASTSHIFT X-TRACK (Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src modules). This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7. | |||||
| CVE-2026-1138 | 2026-01-26 | 9.0 HIGH | 8.8 HIGH | ||
| A flaw has been found in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/ConfigExceptQQ. Executing a manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-1158 | 2026-01-26 | 9.0 HIGH | 8.8 HIGH | ||
| A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-1162 | 2026-01-26 | 10.0 HIGH | 9.8 CRITICAL | ||
| A flaw has been found in UTT HiPER 810 1.7.4-141218. The impacted element is the function strcpy of the file /goform/setSysAdm. This manipulation of the argument passwd1 causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. | |||||
| CVE-2026-1155 | 2026-01-26 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. Affected by this vulnerability is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. | |||||
| CVE-2026-1156 | 2026-01-26 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was determined in Totolink LR350 9.3.5u.6369_B20220309. Affected by this issue is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | |||||