Total
1866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-10925 | 2025-10-29 | N/A | 7.8 HIGH | ||
| GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ILBM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27793. | |||||
| CVE-2025-61128 | 2025-10-29 | N/A | 9.1 CRITICAL | ||
| Stack-based buffer overflow vulnerability in WAVLINK QUANTUM D3G/WL-WN530HG3 firmware M30HG3_V240730, and possibly other wavlink models allows attackers to execute arbitrary code via crafted referrer value POST to login.cgi. | |||||
| CVE-2024-45162 | 2025-10-29 | N/A | 9.8 CRITICAL | ||
| A stack-based buffer overflow issue was discovered in the phddns client in Blu-Castle BCUM221E 1.0.0P220507 via the password field. | |||||
| CVE-2025-61577 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-10-29 | N/A | 7.5 HIGH |
| D-Link DIR-816A2_FWv1.10CNB05 was discovered to contain a stack overflow via the statuscheckpppoeuser parameter in the dir_setWanWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2025-40843 | 2025-10-28 | N/A | 5.9 MEDIUM | ||
| CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command. This issue affects CodeChecker: through 6.26.1. | |||||
| CVE-2025-60341 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2025-62579 | 1 Deltaww | 1 Asda Soft | 2025-10-28 | N/A | 7.8 HIGH |
| ASDA-Soft Stack-based Buffer Overflow Vulnerability | |||||
| CVE-2025-62580 | 1 Deltaww | 1 Asda Soft | 2025-10-28 | N/A | 7.8 HIGH |
| ASDA-Soft Stack-based Buffer Overflow Vulnerability | |||||
| CVE-2025-12209 | 1 Tenda | 2 O3, O3 Firmware1.0.0.10\(2478\) | 2025-10-28 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetValue of the file /goform/setDhcpConfig. Executing manipulation of the argument dhcpEn can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-60566 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetMACFilter. | |||||
| CVE-2025-12211 | 1 Tenda | 2 O3, O3 Firmware1.0.0.10\(2478\) | 2025-10-28 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-12210 | 1 Tenda | 2 O3, O3 Firmware1.0.0.10\(2478\) | 2025-10-28 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-20352 | 1 Cisco | 3 Ios, Ios Xe, Ios Xe Sd-wan | 2025-10-28 | N/A | 7.7 HIGH |
| A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials. An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks. This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system. Note: This vulnerability affects all versions of SNMP. | |||||
| CVE-2025-60568 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvFirewall. | |||||
| CVE-2025-60569 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetRoute. | |||||
| CVE-2025-60570 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLogDnsquery. | |||||
| CVE-2025-60571 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600LAx FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetQoS. | |||||
| CVE-2025-60572 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvNetwork. | |||||
| CVE-2025-60547 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWAN_Wizard7. | |||||
| CVE-2025-60549 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAutoDetecWAN_wizard4. | |||||