Total
1868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0767 | 1 Advantech | 1 Advantech Webaccess | 2025-09-19 | 7.5 HIGH | N/A |
| An attacker may exploit this vulnerability by passing an overly long value from the AccessCode argument to the control. This will overflow the static stack buffer. The attacker may then execute code on the target device remotely. | |||||
| CVE-2014-0766 | 1 Advantech | 1 Advantech Webaccess | 2025-09-19 | 7.5 HIGH | N/A |
| An attacker can exploit this vulnerability by copying an overly long NodeName2 argument into a statically sized buffer on the stack to overflow the static stack buffer. An attacker may use this vulnerability to remotely execute arbitrary code. | |||||
| CVE-2014-0765 | 1 Advantech | 1 Advantech Webaccess | 2025-09-19 | 7.5 HIGH | N/A |
| To exploit this vulnerability, the attacker sends data from the GotoCmd argument to control. If the value of the argument is overly long, the static stack buffer can be overflowed. This will allow the attacker to execute arbitrary code remotely. | |||||
| CVE-2014-0764 | 1 Advantech | 1 Advantech Webaccess | 2025-09-19 | 7.5 HIGH | N/A |
| By providing an overly long string to the NodeName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely. | |||||
| CVE-2025-57062 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-18 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57069 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-18 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pPppUser parameter in the getsinglepppuser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57070 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-18 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57087 | 1 Tenda | 2 W30e, W30e Firmware | 2025-09-18 | N/A | 7.5 HIGH |
| Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the countryCode parameter in the werlessAdvancedSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57071 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-18 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the vpnUsers parameter in the formAddVpnUsers function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57072 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-18 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the staticRouteGateway parameter in the formSetStaticRoute function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57078 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pppoeServerWhiteMacIndex parameter in the formModifyPppAuthWhiteMac function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57085 | 1 Tenda | 2 W30e, W30e Firmware | 2025-09-17 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the v17 parameter in the UploadCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57086 | 1 Tenda | 2 W30e, W30e Firmware | 2025-09-17 | N/A | 7.5 HIGH |
| Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the String parameter in the formDeleteMeshNode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57060 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the rules parameter in the dns_forward_rule_store function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2009-20007 | 2025-09-17 | N/A | N/A | ||
| Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially crafted response strings sent to a connected client. An attacker can exploit this flaw by sending an overly long message that overflows a fixed-length buffer, potentially leading to arbitrary code execution in the context of the vulnerable process. This vulnerability is exploitable remotely and does not require authentication. | |||||
| CVE-2009-20005 | 2025-09-17 | N/A | N/A | ||
| A stack-based buffer overflow exists in the UtilConfigHome.csp endpoint of InterSystems Caché 2009.1. The vulnerability is triggered by sending a specially crafted HTTP GET request containing an oversized argument to the .csp handler. Due to insufficient bounds checking, the input overflows a stack buffer, allowing an attacker to overwrite control structures and execute arbitrary code. It is unknown if this vulnerability was patched and an affected version range remains undefined. | |||||
| CVE-2024-6137 | 1 Zephyrproject | 1 Zephyr | 2025-09-17 | N/A | 7.6 HIGH |
| BT: Classic: SDP OOB access in get_att_search_list | |||||
| CVE-2024-5931 | 1 Zephyrproject | 1 Zephyr | 2025-09-17 | N/A | 6.3 MEDIUM |
| BT: Unchecked user input in bap_broadcast_assistant | |||||
| CVE-2025-8159 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2025-09-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. This issue affects the function formLanguageChange of the file /goform/formLanguageChange of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2008-20001 | 2025-09-16 | N/A | N/A | ||
| activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus() method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although the control is not marked safe for scripting, exploitation is possible via crafted HTML content in Internet Explorer under permissive security settings. | |||||