Vulnerabilities (CVE)

Filtered by CWE-120
Total 3148 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-51885 1 Ctan 1 Mathtex 2025-05-30 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via the length of the LaTeX string component.
CVE-2024-50697 1 Sungrowpower 2 Winet-s, Winet-s Firmware 2025-05-29 N/A 8.1 HIGH
In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow.
CVE-2024-48426 1 Assimp 1 Assimp 2025-05-28 N/A 6.2 MEDIUM
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).
CVE-2025-3728 1 Razormist 1 Simple Hotel Booking System 2025-05-28 4.3 MEDIUM 5.3 MEDIUM
A vulnerability classified as critical was found in SourceCodester Simple Hotel Booking System 1.0. This vulnerability affects the function Login. The manipulation of the argument uname leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVE-2024-12988 1 Netgear 4 R6900p, R6900p Firmware, R7000p and 1 more 2025-05-28 7.5 HIGH 7.3 HIGH
A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2022-40261 2 Ami, Intel 5 Aptio V, Nuc M15 Laptop Kit Lapbc510, Nuc M15 Laptop Kit Lapbc510 Firmware and 2 more 2025-05-28 N/A 8.2 HIGH
An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2 and execute arbitrary code in System Management Mode - an environment more privileged than the operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such malicious firmware code in BIOS could persist across operating system re-installs. Additionally, this vulnerability potentially could be used by malicious actors to bypass security mechanisms provided by UEFI firmware (for example, Secure Boot and some types of memory isolation for hypervisors). This issue affects: Module name: OverClockSmiHandler; SHA256: a204699576e1a48ce915d9d9423380c8e4c197003baf9d17e6504f0265f3039c; Module GUID: 4698C2BD-A903-410E-AD1F-5EEF3A1AE422
CVE-2024-48416 1 Edimax 2 Br-6476ac, Br-6476ac Firmware 2025-05-28 N/A 8.8 HIGH
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding.
CVE-2024-48420 1 Edimax 2 Br-6476ac, Br-6476ac Firmware 2025-05-28 N/A 8.8 HIGH
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/getWifiBasic.
CVE-2024-51139 1 Draytek 46 Vigor1000b, Vigor1000b Firmware, Vigor2133 and 43 more 2025-05-28 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5.3 and earlier and Vigor2962/3910 4.3.2.8/4.4.3.1 and earlier and Vigor3912 4.3.6.1 and earlier allows a remote attacker to execute arbitrary code via the CGI parser's handling of the "Content-Length" header of HTTP POST requests.
CVE-2022-32788 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-05-28 N/A 9.8 CRITICAL
A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. A remote user may be able to cause kernel code execution.
CVE-2025-4114 1 Netgear 2 Jwnr2000, Jwnr2000 Firmware 2025-05-28 9.0 HIGH 8.8 HIGH
A vulnerability classified as critical has been found in Netgear JWNR2000v2 1.0.0.11. Affected is the function check_language_file. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-4889 1 Fabianros 1 Tourism Management System 2025-05-28 4.3 MEDIUM 5.3 MEDIUM
A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
CVE-2025-4888 1 Code-projects 1 Pharmacy Management System 2025-05-28 4.3 MEDIUM 5.3 MEDIUM
A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. This affects the function medicineType::take_order of the component Add Order Details. The manipulation leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2025-5295 2025-05-28 7.5 HIGH 7.3 HIGH
A vulnerability classified as critical was found in FreeFloat FTP Server 1.0.0. This vulnerability affects unknown code of the component PORT Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-5221 2025-05-28 7.5 HIGH 7.3 HIGH
A vulnerability was found in FreeFloat FTP Server 1.0.0. It has been classified as critical. This affects an unknown part of the component QUOTE Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2022-28722 1 Hp 198 A7w93a, A7w93a Firmware, D3q15a and 195 more 2025-05-27 N/A 9.8 CRITICAL
Certain HP Print Products are potentially vulnerable to Buffer Overflow.
CVE-2024-38577 1 Linux 1 Linux Kernel 2025-05-27 N/A 7.8 HIGH
In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow. There is a possibility of buffer overflow in show_rcu_tasks_trace_gp_kthread() if counters passed to sprintf() are huge. Counter numbers needed for this are unrealistically high, but buffer overflow is still possible. Use snprintf() with buffer size instead of sprintf(). Found by Linux Verification Center (linuxtesting.org) with SVACE.
CVE-2024-57471 1 H3c 2 N12, N12 Firmware 2025-05-27 N/A 9.8 CRITICAL
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
CVE-2024-57479 1 H3c 2 N12, N12 Firmware 2025-05-27 N/A 9.8 CRITICAL
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
CVE-2024-57482 1 H3c 2 N12, N12 Firmware 2025-05-27 N/A 9.8 CRITICAL
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.