Total
3192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-52365 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 5.3 MEDIUM |
| Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally. | |||||
| CVE-2024-46557 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-13 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-37632 | 1 Totolink | 2 A3700r, A3700r Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth . | |||||
| CVE-2024-30584 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function. | |||||
| CVE-2024-30593 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function. | |||||
| CVE-2024-46586 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-13 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sCloudPass parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-46565 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-13 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sSrvName parameter at service.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-52364 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 6.3 MEDIUM |
| Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write. | |||||
| CVE-2023-52551 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 5.3 MEDIUM |
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52549 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 7.5 HIGH |
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52550 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 7.5 HIGH |
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52377 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 7.4 HIGH |
| Vulnerability of input data not being verified in the cellular data module.Successful exploitation of this vulnerability may cause out-of-bounds access. | |||||
| CVE-2023-52370 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | 9.8 CRITICAL |
| Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file access. | |||||
| CVE-2025-20115 | 2025-03-12 | N/A | 8.6 HIGH | ||
| A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to a memory corruption that occurs when a BGP update is created with an AS_CONFED_SEQUENCE attribute that has 255 autonomous system numbers (AS numbers). An attacker could exploit this vulnerability by sending a crafted BGP update message, or the network could be designed in such a manner that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more. A successful exploit could allow the attacker to cause memory corruption, which may cause the BGP process to restart, resulting in a DoS condition. To exploit this vulnerability, an attacker must control a BGP confederation speaker within the same autonomous system as the victim, or the network must be designed in such a manner that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more. | |||||
| CVE-2025-2017 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25240. | |||||
| CVE-2023-0996 | 1 Struktur | 1 Libheif | 2025-03-11 | N/A | 7.8 HIGH |
| There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. | |||||
| CVE-2022-48260 | 1 Huawei | 2 Bisheng-wnm, Bisheng-wnm Firmware | 2025-03-11 | N/A | 7.5 HIGH |
| There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions. | |||||
| CVE-2023-22753 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-11 | N/A | 8.1 HIGH |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-53695 | 2025-03-07 | N/A | N/A | ||
| A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later | |||||
| CVE-2022-47664 | 1 Struktur | 1 Libde265 | 2025-03-07 | N/A | 7.8 HIGH |
| Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse | |||||