Total
4015 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-40427 | 1 Dronecode | 1 Px4 Drone Autopilot | 2026-06-17 | N/A | 7.9 HIGH |
| Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute | |||||
| CVE-2024-40415 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | |||||
| CVE-2024-40130 | 1 Open5gs | 1 Open5gs | 2026-06-17 | N/A | 9.8 CRITICAL |
| open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c. | |||||
| CVE-2024-40086 | 2026-06-17 | N/A | 9.6 CRITICAL | ||
| A Buffer Overflow vulnerability in the local_app_set_router_wifi_SSID_PWD function of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via a password field larger than 64 bytes in length. | |||||
| CVE-2024-40085 | 2026-06-17 | N/A | 9.6 CRITICAL | ||
| A Buffer Overflow vulnerability in the local_app_set_router_wan function of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via pppoe_username and pppoe_password fields being larger than 128 bytes in length. | |||||
| CVE-2024-40084 | 1 Viloliving | 2 Vilo 5, Vilo 5 Firmware | 2026-06-17 | N/A | 9.6 CRITICAL |
| A Buffer Overflow in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via exceptionally long HTTP methods or paths. | |||||
| CVE-2024-40083 | 2026-06-17 | N/A | 9.6 CRITICAL | ||
| A Buffer Overflow vulnerabilty in the local_app_set_router_token function of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via sscanf reading the token and timezone JSON fields into a fixed-length buffer. | |||||
| CVE-2024-3871 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements multiple features that are affected by command injections and stack overflows vulnerabilities. Successful exploitation of these flaws would allow remote unauthenticated attackers to gain remote code execution with elevated privileges on the affected devices. This issue affects DVW-W02W2-E2 through version 2.5.2. | |||||
| CVE-2024-3506 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| A possible buffer overflow in selected cameras' drivers from XProtect Device Pack can allow an attacker with access to internal network to execute commands on Recording Server under strict conditions. | |||||
| CVE-2024-3120 | 1 Irontec | 1 Sngrep | 2026-06-17 | N/A | 9.0 CRITICAL |
| A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_validate_packet and sip_parse_extra_headers functions within src/sip.c. This vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via crafted SIP messages. | |||||
| CVE-2024-3119 | 1 Irontec | 1 Sngrep | 2026-06-17 | N/A | 9.0 CRITICAL |
| A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the data length. This flaw allows remote attackers to execute arbitrary code or cause a denial of service (DoS) through specially crafted SIP messages. | |||||
| CVE-2024-39803 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 9.1 CRITICAL |
| Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer overflow vulnerability exists in the `sel_mode` POST parameter. | |||||
| CVE-2024-39802 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 9.1 CRITICAL |
| Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer overflow vulnerability exists in the `qos_dat` POST parameter. | |||||
| CVE-2024-39801 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 9.1 CRITICAL |
| Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer overflow vulnerability exists in the `qos_bandwidth` POST parameter. | |||||
| CVE-2024-39774 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the adm.cgi set_sys_adm() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-39770 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 9.1 CRITICAL |
| Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability exists in the `en_enable` POST parameter. | |||||
| CVE-2024-39769 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 9.1 CRITICAL |
| Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability exists in the `cli_mac` POST parameter. | |||||
| CVE-2024-39768 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 9.1 CRITICAL |
| Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability exists in the `cli_name` POST parameter. | |||||
| CVE-2024-39756 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the adm.cgi rep_as_router() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-39750 | 1 Ibm | 1 Analytics Content Hub | 2026-06-17 | N/A | 8.8 HIGH |
| IBM Analytics Content Hub 2.0 is vulnerable to a buffer overflow due to improper return length checking. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. | |||||