Total
3989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-11517 | 2026-06-09 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file /goform/formConfigDnsFilterGlobal. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-11516 | 2026-06-09 | 5.2 MEDIUM | 5.5 MEDIUM | ||
| A vulnerability was found in UTT HiPER 2610G up to 3.0.0-171107. This affects the function strcpy of the file /goform/formNatStaticMap. Performing a manipulation of the argument NatBinds results in buffer overflow. The exploit has been made public and could be used. | |||||
| CVE-2021-43619 | 1 Trustedfirmware | 1 Trusted Firmware-m | 2026-06-05 | 4.6 MEDIUM | 7.8 HIGH |
| Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations. | |||||
| CVE-2026-34875 | 1 Trustedfirmware | 2 Mbed Tls, Tf-psa-crypto | 2026-06-05 | N/A | 9.8 CRITICAL |
| An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys. | |||||
| CVE-2023-43615 | 3 Arm, Fedoraproject, Trustedfirmware | 3 Mbed Tls, Fedora, Mbed Tls | 2026-06-05 | N/A | 7.5 HIGH |
| Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | |||||
| CVE-2023-45199 | 1 Trustedfirmware | 1 Mbed Tls | 2026-06-05 | N/A | 9.8 CRITICAL |
| Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution. | |||||
| CVE-2025-12686 | 1 Synology | 1 Beestation Os | 2026-06-05 | N/A | 9.8 CRITICAL |
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2019-25736 | 2026-06-04 | N/A | 8.4 HIGH | ||
| LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.exe or other arbitrary commands. | |||||
| CVE-2019-25741 | 2026-06-04 | N/A | 9.8 CRITICAL | ||
| Mobatek MobaXterm 12.1 contains a structured exception handling (SEH) based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the vulnerability when imported and executed, enabling reverse shell execution with user privileges. | |||||
| CVE-2019-25733 | 2026-06-04 | N/A | 8.4 HIGH | ||
| NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input. Attackers can craft a payload with overwritten SEH and NSEH pointers through the Restrictions custom filter field to trigger code execution when the Find function is invoked. | |||||
| CVE-2019-25735 | 2026-06-04 | N/A | 8.4 HIGH | ||
| AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code execution to run arbitrary commands with user privileges. | |||||
| CVE-2018-25426 | 1 Winmtr | 1 Winmtr | 2026-06-03 | N/A | 7.5 HIGH |
| WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow condition that causes the application to crash. | |||||
| CVE-2026-30652 | 1 Vivotek | 2 Fd8136, Fd8136 Firmware | 2026-06-03 | N/A | 8.8 HIGH |
| A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device. | |||||
| CVE-2026-30650 | 1 Vivotek | 2 Fd8136, Fd8136 Firmware | 2026-06-03 | N/A | 8.8 HIGH |
| A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device remotely. | |||||
| CVE-2021-22659 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 Firmware | 2026-06-03 | 7.5 HIGH | 8.6 HIGH |
| Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a denial-of-service condition. The FAULT LED will flash RED and communications may be lost. Recovery from denial-of-service condition requires the fault to be cleared by the user. | |||||
| CVE-2026-0056 | 1 Google | 1 Android | 2026-06-03 | N/A | 3.3 LOW |
| In setTo of ResourceTypes.cpp, there is a possible read out of bounds due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2026-28580 | 1 Google | 1 Android | 2026-06-03 | N/A | 7.8 HIGH |
| In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2016-9363 | 1 Moxa | 51 Nport 5100 Series Firmware, Nport 5100a Series Firmware, Nport 5110 and 48 more | 2026-06-02 | 7.5 HIGH | 7.3 HIGH |
| An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Buffer overflow vulnerability may allow an unauthenticated attacker to remotely execute arbitrary code. | |||||
| CVE-2026-25277 | 1 Qualcomm | 114 Cq8750m, Cq8750m Firmware, Fastconnect 6700 and 111 more | 2026-06-02 | N/A | 8.8 HIGH |
| Memory corruption while using Strongbox due to buffer overflow. | |||||
| CVE-2026-3870 | 2026-06-02 | N/A | 6.5 MEDIUM | ||
| A buffer overflow vulnerability in the UPnP AddPortMapping() command in Zyxel VMG4005-B50B firmware versions through 5.13(ABRL.5.4)C0 could allow an adjacent attacker to trigger a temporary denial-of-service (DoS) condition affecting the UPnP function of the affected device. | |||||