Total
4015 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37017 | 2026-06-17 | N/A | 8.1 HIGH | ||
| asdcplib (aka AS-DCP Lib) 2.13.1 has a heap-based buffer over-read in ASDCP::TimedText::MXFReader::h__Reader::MD_to_TimedText_TDesc in AS_DCP_TimedText.cpp in libasdcp.so. | |||||
| CVE-2024-36760 | 2026-06-17 | N/A | 7.5 HIGH | ||
| A stack overflow vulnerability was found in version 1.18.0 of rhai. The flaw position is: (/ SRC/rhai/SRC/eval/STMT. Rs in rhai: : eval: : STMT: : _ $LT $impl $u20 $rhai.. engine.. Engine$GT$::eval_stmt::h3f1d68ce37fc6e96). Due to the stack overflow is a recursive call/SRC/rhai/SRC/eval/STMT. Rs file eval_stmt_block function. | |||||
| CVE-2024-36650 | 1 Totolink | 2 A3100r, A3100r Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing attackers to construct malicious HTTP or MQTT requests to cause a denial-of-service attack. | |||||
| CVE-2024-36290 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 10.0 CRITICAL |
| A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-36272 | 1 Wavlink | 2 Wl-wn533a8, Wl-wn533a8 Firmware | 2026-06-17 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability exists in the usbip.cgi set_info() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2024-35823 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-06-17 | N/A | 5.3 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the buffer"). The cure is also the same i.e. replace memcpy() with memmove() due to the overlaping buffers. | |||||
| CVE-2024-35571 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. | |||||
| CVE-2024-35426 | 1 Lonelycoder | 1 Vmir | 2026-06-17 | N/A | 9.8 CRITICAL |
| vmir e8117 was discovered to contain a stack overflow via the init_local_vars function at /src/vmir_wasm_parser.c. | |||||
| CVE-2024-35422 | 1 Lonelycoder | 1 Vmir | 2026-06-17 | N/A | 7.8 HIGH |
| vmir e8117 was discovered to contain a heap buffer overflow via the wasm_call function at /src/vmir_wasm_parser.c. | |||||
| CVE-2024-35420 | 1 Kanaka | 1 Wac | 2026-06-17 | N/A | 6.2 MEDIUM |
| wac commit 385e1 was discovered to contain a heap overflow. | |||||
| CVE-2024-35419 | 1 Kanaka | 1 Wac | 2026-06-17 | N/A | 5.5 MEDIUM |
| wac commit 385e1 was discovered to contain a heap overflow via the load_module function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. | |||||
| CVE-2024-35418 | 1 Kanaka | 1 Wac | 2026-06-17 | N/A | 6.2 MEDIUM |
| wac commit 385e1 was discovered to contain a heap overflow via the setup_call function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. | |||||
| CVE-2024-35410 | 1 Kanaka | 1 Wac | 2026-06-17 | N/A | 6.2 MEDIUM |
| wac commit 385e1 was discovered to contain a heap overflow via the interpret function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. | |||||
| CVE-2024-35400 | 1 Totolink | 2 Cp900l, Cp900l Firmware | 2026-06-17 | N/A | 5.3 MEDIUM |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function SetPortForwardRules | |||||
| CVE-2024-35398 | 1 Totolink | 2 Cp900l, Cp900l Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setMacFilterRules. | |||||
| CVE-2024-35106 | 2026-06-17 | N/A | 4.6 MEDIUM | ||
| NEXTU FLETA AX1500 WIFI6 v1.0.3 was discovered to contain a buffer overflow at /boafrm/formIpQoS. This vulnerability allows attackers to cause a Denial of Service (DoS) or potentially arbitrary code execution via a crafted POST request. | |||||
| CVE-2024-35099 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth. | |||||
| CVE-2024-34945 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPW parameter at ip/goform/WizardHandle. | |||||
| CVE-2024-34905 | 1 Cloudwise | 1 Flyfish | 2026-06-17 | N/A | 7.5 HIGH |
| FlyFish v3.0.0 was discovered to contain a buffer overflow via the password parameter on the login page. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-34727 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.5 HIGH |
| In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||