Total
3990 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-46035 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint | |||||
| CVE-2025-45866 | 1 Totolink | 2 A3002r, A3002r Firmware | 2026-06-17 | N/A | 5.4 MEDIUM |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s interface. | |||||
| CVE-2025-45865 | 1 Totolink | 2 A3002r, A3002r Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the dnsaddr parameter in the formDhcpv6s interface. | |||||
| CVE-2025-45864 | 1 Totolink | 2 A3002r, A3002r Firmware | 2026-06-17 | N/A | 5.4 MEDIUM |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface. | |||||
| CVE-2025-45863 | 1 Totolink | 2 A3002r, A3002r Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface. | |||||
| CVE-2025-45861 | 1 Totolink | 2 A3002r, A3002r Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface. | |||||
| CVE-2025-45859 | 1 Totolink | 2 A3002r, A3002r Firmware | 2026-06-17 | N/A | 5.4 MEDIUM |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevice interface. | |||||
| CVE-2025-45779 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter. | |||||
| CVE-2025-44952 | 1 Open5gs | 1 Open5gs | 2026-06-17 | N/A | 7.8 HIGH |
| A missing length check in `ogs_pfcp_subnet_add` function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the `session.dnn` field with a value with length greater than 101. | |||||
| CVE-2025-44951 | 1 Open5gs | 1 Open5gs | 2026-06-17 | N/A | 7.1 HIGH |
| A missing length check in `ogs_pfcp_dev_add` function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the `session.dev` field with a value with length greater than 32. | |||||
| CVE-2025-44879 | 2026-06-17 | N/A | 7.5 HIGH | ||
| WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | |||||
| CVE-2025-44175 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 5.4 MEDIUM |
| Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function. | |||||
| CVE-2025-43532 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 2.8 LOW |
| A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing malicious data may lead to unexpected app termination. | |||||
| CVE-2025-43520 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2025-43501 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash. | |||||
| CVE-2025-43370 | 1 Apple | 1 Xcode | 2026-06-17 | N/A | 4.0 MEDIUM |
| A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process. | |||||
| CVE-2025-43312 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to cause unexpected system termination. | |||||
| CVE-2025-41707 | 2026-06-17 | N/A | 5.3 MEDIUM | ||
| The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality. | |||||
| CVE-2025-41706 | 2026-06-17 | N/A | 5.3 MEDIUM | ||
| The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker can craft a special GET request with an over-long content-length to trigger the issue without affecting the core functionality. | |||||
| CVE-2025-41418 | 2026-06-17 | N/A | 5.3 MEDIUM | ||
| Buffer Overflow vulnerability exists in multiple versions of TB-eye network recorders and AHD recorders. The CGI process may be terminated abnormally by processing a specially crafted request. | |||||