Total
4010 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-46553 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ipaddrmsk%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-46552 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sStRtMskShow parameter at ipstrt.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-46551 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_Pwd parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-46550 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the CGIbyFieldName parameter at chglog.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-46478 | 1 Htmldoc Project | 1 Htmldoc | 2026-06-17 | N/A | 9.8 CRITICAL |
| HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681. | |||||
| CVE-2024-46451 | 1 Totolink | 2 T8, T8 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter. | |||||
| CVE-2024-46431 | 1 Tenda | 2 W18e, W18e Firmware | 2026-06-17 | N/A | 8.0 HIGH |
| Tenda W18E V16.01.0.8(1625) is vulnerable to Buffer Overflow. An attacker with access to the web management portal can exploit this vulnerability by sending specially crafted data to the delWewifiPic function. | |||||
| CVE-2024-46424 | 1 Totolink | 2 T8, T8 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the UploadCustomModule function, which allows attackers to cause a Denial of Service (DoS) via the File parameter. | |||||
| CVE-2024-46419 | 1 Totolink | 2 T8, T8 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter. | |||||
| CVE-2024-46304 | 2026-06-17 | N/A | 7.5 HIGH | ||
| A NULL pointer dereference in libcoap v4.3.5-rc2 and below allows a remote attacker to cause a denial of service via the coap_handle_request_put_block function in src/coap_block.c. | |||||
| CVE-2024-46292 | 1 Trustwave | 1 Modsecurity | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow in modsecurity v3.0.12 allows attackers to cause a Denial of Service (DoS) via a crafted input inserted into the name parameter. NOTE: this is disputed by the Supplier because it cannot be reproduced. Also, the product's documentation indicates that it is not guaranteed to be usable with very large values of SecRequestBodyNoFilesLimit (which are required by the claimed issue). | |||||
| CVE-2024-46215 | 2026-06-17 | N/A | 6.5 MEDIUM | ||
| A vulnerability was discovered in KM08-708H-v1.1, There is a buffer overflow in the sub_445BDC() function within the /usr/sbin/goahead program; The strcpy function is executed without checking the length of the string, leading to a buffer overflow. | |||||
| CVE-2024-46045 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function. | |||||
| CVE-2024-45971 | 1 Mz-automation | 1 Libiec61850 | 2026-06-17 | N/A | 9.8 CRITICAL |
| Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message. | |||||
| CVE-2024-45970 | 1 Mz-automation | 1 Libiec61850 | 2026-06-17 | N/A | 9.8 CRITICAL |
| Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message. | |||||
| CVE-2024-45746 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| An issue was discovered in Trusted Firmware-M through 2.1.0. User provided (and controlled) mailbox messages contain a pointer to a list of input arguments (in_vec) and output arguments (out_vec). These list pointers are never validated. Each argument list contains a buffer pointer and a buffer length field. After a PSA call, the length of the output arguments behind the unchecked pointer is updated in mailbox_direct_reply, regardless of the call result. This allows an attacker to write anywhere in the secure firmware, which can be used to take over the control flow, leading to remote code execution (RCE). | |||||
| CVE-2024-45620 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2026-06-17 | N/A | 3.9 LOW |
| A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. | |||||
| CVE-2024-45619 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2026-06-17 | N/A | 4.3 MEDIUM |
| A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. | |||||
| CVE-2024-45547 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2026-06-17 | N/A | 7.8 HIGH |
| Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality. | |||||
| CVE-2024-45541 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 99 more | 2026-06-17 | N/A | 7.8 HIGH |
| Memory corruption when IOCTL call is invoked from user-space to read board data. | |||||