Total
1895 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-50694 | 1 Sungrowpower | 2 Winet-s, Winet-s Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow. | |||||
| CVE-2024-50695 | 1 Sungrowpower | 2 Winet-s, Winet-s Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks. | |||||
| CVE-2025-44884 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the web_sys_infoContact_post function. | |||||
| CVE-2025-44885 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip parameter in the web_snmpv3_remote_engineId_add_post function. | |||||
| CVE-2025-44886 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function. | |||||
| CVE-2025-44887 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in the web_radiusSrv_post function. | |||||
| CVE-2025-44888 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name parameter in the web_stp_globalSetting_post function. | |||||
| CVE-2025-44890 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_notifyv3_add_post function. | |||||
| CVE-2025-44893 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNamekey parameter in the web_acl_mgmt_Rules_Apply_post function. | |||||
| CVE-2025-44883 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function. | |||||
| CVE-2025-44891 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function. | |||||
| CVE-2025-44894 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parameter in the web_radiusSrv_dftParam_post function. | |||||
| CVE-2025-44896 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName parameter in the web_acl_bindEdit_post function. | |||||
| CVE-2025-44897 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip parameter in the web_tool_upgradeManager_post function. | |||||
| CVE-2025-44898 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function. | |||||
| CVE-2025-2151 | 1 Assimp | 1 Assimp | 2025-05-28 | 7.5 HIGH | 6.3 MEDIUM |
| A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4069 | 1 Code-projects | 1 Product Management System | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-51138 | 1 Draytek | 46 Vigor1000b, Vigor1000b Firmware, Vigor2133 and 43 more | 2025-05-28 | N/A | 9.8 CRITICAL |
| Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earlier; Vigor2962 4.3.2.8 and earlier; Vigor3912 4.3.6.1 and earlier; Vigor3910 4.4.3.1 and earlier a stack-based buffer overflow vulnerability has been identified in the URL parsing functionality of the TR069 STUN server. This flaw occurs due to insufficient bounds checking on the amount of URL parameters, allowing an attacker to exploit the overflow by sending a maliciously crafted request. Consequently, a remote attacker can execute arbitrary code with elevated privileges. | |||||
| CVE-2025-4892 | 1 Fabian | 1 Police Station Management System | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in code-projects Police Station Management System 1.0. It has been declared as critical. Affected by this vulnerability is the function criminal::remove of the file source.cpp of the component Delete Record. The manipulation of the argument No leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-52274 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||