Total
2995 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-25667 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info. | |||||
| CVE-2025-25668 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_47D878 function. | |||||
| CVE-2024-42812 | 1 Dlink | 2 Dir-860l, Dir-860l Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. | |||||
| CVE-2025-25664 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function. | |||||
| CVE-2024-46585 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at usergrp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-45230 | 1 Djangoproject | 1 Django | 2025-03-17 | N/A | 7.5 HIGH |
| An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. | |||||
| CVE-2025-25663 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. | |||||
| CVE-2024-46652 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function. | |||||
| CVE-2024-57703 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. | |||||
| CVE-2024-57578 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | N/A | 8.8 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. | |||||
| CVE-2024-57577 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | N/A | 5.7 MEDIUM |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | |||||
| CVE-2024-33214 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter in ip/goform/RouteStatic. | |||||
| CVE-2024-35571 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. | |||||
| CVE-2025-25674 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via the parameter ssid. | |||||
| CVE-2024-25373 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-03-17 | N/A | 4.6 MEDIUM |
| Tenda AC10V4.0 V16.03.10.20 was discovered to contain a stack overflow via the page parameter in the sub_49B384 function. | |||||
| CVE-2024-46571 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPPPSrvNm parameter at fwuser.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-46568 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPeerId parameter at vpn.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-24416 | 1 Linuxfoundation | 1 Magma | 2025-03-15 | N/A | 7.5 HIGH |
| The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. | |||||
| CVE-2018-6789 | 3 Canonical, Debian, Exim | 3 Ubuntu Linux, Debian Linux, Exim | 2025-03-14 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. | |||||
| CVE-2024-41631 | 2025-03-14 | N/A | 7.5 HIGH | ||
| Buffer Overflow vulnerability in host-host NEUQ_board v.1.0 allows a remote attacker to cause a denial of service via the password.h component. | |||||