Total
4008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-5463 | 1 Synology | 4 Bc500, Bc500 Firmware, Tc500 and 1 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors. This attack only affects the login service which will automatically restart. The following models with Synology Camera Firmware versions before 1.1.1-0383 may be affected: BC500 and TC500. | |||||
| CVE-2024-5412 | 1 Zyxel | 100 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 97 more | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |||||
| CVE-2024-5305 | 1 Tungstenautomation | 1 Power Pdf | 2026-06-17 | N/A | 7.8 HIGH |
| Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22921. | |||||
| CVE-2024-5243 | 1 Tp-link | 2 Omada Er605, Omada Er605 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| TP-Link Omada ER605 Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the handling of DNS names. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22523. | |||||
| CVE-2024-58110 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 4.6 MEDIUM |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-58109 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 4.6 MEDIUM |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-58108 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 4.6 MEDIUM |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-58107 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 7.5 HIGH |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-58106 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 4.6 MEDIUM |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-57703 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. | |||||
| CVE-2024-57578 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 8.8 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. | |||||
| CVE-2024-57577 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 5.7 MEDIUM |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | |||||
| CVE-2024-57545 | 1 Linksys | 2 E8450, E8450 Firmware | 2026-06-17 | N/A | 5.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification. | |||||
| CVE-2024-57544 | 1 Linksys | 2 E8450, E8450 Firmware | 2026-06-17 | N/A | 5.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification. | |||||
| CVE-2024-57543 | 1 Linksys | 2 E8450, E8450 Firmware | 2026-06-17 | N/A | 5.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification. | |||||
| CVE-2024-57541 | 1 Linksys | 2 E8450, E8450 Firmware | 2026-06-17 | N/A | 5.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification. | |||||
| CVE-2024-57540 | 1 Linksys | 2 E8450, E8450 Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification. | |||||
| CVE-2024-57538 | 1 Linksys | 2 E8450, E8450 Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification. | |||||
| CVE-2024-57537 | 1 Linksys | 2 E8450, E8450 Firmware | 2026-06-17 | N/A | 6.3 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification. | |||||
| CVE-2024-57513 | 2026-06-17 | N/A | 6.5 MEDIUM | ||
| A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function in Bento4. | |||||