Total
3144 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-1253 | 1 Rti | 1 Connext Professional | 2025-06-05 | N/A | 7.8 HIGH |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 4.5 before 6.1.2.23. | |||||
| CVE-2022-23093 | 1 Freebsd | 1 Freebsd | 2025-06-04 | N/A | 6.5 MEDIUM |
| ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header. The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes. The memory safety bugs described above can be triggered by a remote host, causing the ping program to crash. The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur. | |||||
| CVE-2025-4844 | 1 Freefloat | 1 Ftp Server | 2025-06-04 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4845 | 1 Freefloat | 1 Ftp Server | 2025-06-04 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component TRACE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4847 | 1 Freefloat | 1 Ftp Server | 2025-06-04 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component MLS Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4848 | 1 Freefloat | 1 Ftp Server | 2025-06-04 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RECV Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-36650 | 1 Totolink | 2 A3100r, A3100r Firmware | 2025-06-04 | N/A | 7.5 HIGH |
| TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing attackers to construct malicious HTTP or MQTT requests to cause a denial-of-service attack. | |||||
| CVE-2024-52711 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-06-04 | N/A | 5.7 MEDIUM |
| DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. | |||||
| CVE-2024-50305 | 1 Apache | 1 Traffic Server | 2025-06-04 | N/A | 7.5 HIGH |
| Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue. | |||||
| CVE-2022-25708 | 1 Qualcomm | 34 Sd888 5g, Sd888 5g Firmware, Sd 8 Gen1 5g Firmware and 31 more | 2025-06-04 | N/A | 9.8 CRITICAL |
| Memory corruption in WLAN due to buffer copy without checking size of input while parsing keys in Snapdragon Connectivity, Snapdragon Mobile | |||||
| CVE-2025-5547 | 2025-06-04 | 7.5 HIGH | 7.3 HIGH | ||
| A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. This issue affects some unknown processing of the component CDUP Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5551 | 2025-06-04 | 7.5 HIGH | 7.3 HIGH | ||
| A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. This affects an unknown part of the component SYSTEM Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5548 | 2025-06-04 | 7.5 HIGH | 7.3 HIGH | ||
| A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component NOOP Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-53013 | 2025-06-04 | N/A | 6.6 MEDIUM | ||
| Memory corruption may occur while processing voice call registration with user. | |||||
| CVE-2025-5549 | 2025-06-04 | 7.5 HIGH | 7.3 HIGH | ||
| A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component PASV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5601 | 2025-06-04 | N/A | 7.8 HIGH | ||
| Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2025-5550 | 2025-06-04 | 7.5 HIGH | 7.3 HIGH | ||
| A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this issue is some unknown functionality of the component PBSZ Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-38541 | 1 Linux | 1 Linux Kernel | 2025-06-04 | N/A | 9.8 CRITICAL |
| In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will point beyond the buffer's end. Add the buffer overflow check after the 1st snprintf() call and fix such check after the strlen() call (accounting for the terminating NUL char). | |||||
| CVE-2025-5156 | 1 H3c | 2 Gr-5400ax, Gr-5400ax Firmware | 2025-06-03 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in H3C GR-5400AX up to 100R008 and classified as critical. Affected by this issue is the function EditWlanMacList of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-32228 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 6.6 MEDIUM |
| FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in hevc_frame_end. | |||||