Total
2548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-70227 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the nextPage parameter to goform/formLanguageChange. | |||||
| CVE-2025-70242 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formSetWanPPTP. | |||||
| CVE-2025-70246 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formVirtualServ. | |||||
| CVE-2025-70247 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard1. | |||||
| CVE-2025-70249 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard2. | |||||
| CVE-2025-70251 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanGuestSetup. | |||||
| CVE-2026-26732 | 1 Totolink | 2 A3002ru-v2, A3002ru Firmware | 2026-03-11 | N/A | 8.8 HIGH |
| TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the vpnUser or vpnPassword` parameters in the formFilter function. | |||||
| CVE-2025-70616 | 1 Dieboldnixdorf | 1 Wnbios64.sys | 2026-03-10 | N/A | 7.8 HIGH |
| A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options parameter before copying data into a 40-byte stack buffer (Src[40]) using memmove. An attacker with local access can exploit this vulnerability by sending a crafted IOCTL request with Options > 40, causing a stack buffer overflow that may lead to kernel code execution, local privilege escalation, or denial of service (system crash). Additionally, the same IOCTL handler can leak kernel addresses and other sensitive stack data when reading beyond the buffer boundaries. | |||||
| CVE-2026-29068 | 1 Pjsip | 1 Pjsip | 2026-03-10 | N/A | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17. | |||||
| CVE-2026-3715 | 1 Wavlink | 2 Wl-wn579x3-c, Wl-wn579x3-c Firmware | 2026-03-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument del_flag results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Upgrading to version 20260226 is able to mitigate this issue. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. | |||||
| CVE-2026-3823 | 1 Blackbeartechhive | 4 Atop Ehg2408, Atop Ehg2408-2sfp, Atop Ehg2408-2sfp Firmware and 1 more | 2026-03-10 | N/A | 8.8 HIGH |
| EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code. | |||||
| CVE-2026-3613 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-03-10 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was identified in Wavlink WL-NU516U1 V240425. This vulnerability affects the function sub_401A0C of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure. | |||||
| CVE-2026-22923 | 1 Siemens | 1 Nx | 2026-03-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution. | |||||
| CVE-2025-70241 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-09 | N/A | 9.8 CRITICAL |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANType_Wizard5. | |||||
| CVE-2025-70240 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-09 | N/A | 9.8 CRITICAL |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard51. | |||||
| CVE-2025-70239 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-09 | N/A | 9.8 CRITICAL |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard55. | |||||
| CVE-2025-70237 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-09 | N/A | 9.8 CRITICAL |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetPortTr. | |||||
| CVE-2025-70234 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-09 | N/A | 9.8 CRITICAL |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS. | |||||
| CVE-2026-1457 | 1 Tp-link | 2 Vigi C385, Vigi C385 Firmware | 2026-03-09 | N/A | 8.8 HIGH |
| An authenticated buffer handling flaw in TP-Link VIGI C385 V1 Web API lacking input sanitization, may allow memory corruption leading to remote code execution. Authenticated attackers may trigger buffer overflow and potentially execute arbitrary code with elevated privileges. | |||||
| CVE-2026-26736 | 1 Totolink | 2 A3002ru-v3, A3002ru Firmware | 2026-03-09 | N/A | 8.8 HIGH |
| TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the static_ipv6 parameter in the formIpv6Setup function. | |||||