Total
1394 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35388 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2025-05-30 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode | |||||
| CVE-2025-5278 | 2025-05-29 | N/A | 4.4 MEDIUM | ||
| A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data. | |||||
| CVE-2024-50694 | 1 Sungrowpower | 2 Winet-s, Winet-s Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow. | |||||
| CVE-2024-50695 | 1 Sungrowpower | 2 Winet-s, Winet-s Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks. | |||||
| CVE-2025-44884 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the web_sys_infoContact_post function. | |||||
| CVE-2025-44885 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip parameter in the web_snmpv3_remote_engineId_add_post function. | |||||
| CVE-2025-44886 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function. | |||||
| CVE-2025-44887 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in the web_radiusSrv_post function. | |||||
| CVE-2025-44888 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name parameter in the web_stp_globalSetting_post function. | |||||
| CVE-2025-44890 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_notifyv3_add_post function. | |||||
| CVE-2025-44893 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNamekey parameter in the web_acl_mgmt_Rules_Apply_post function. | |||||
| CVE-2025-44883 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function. | |||||
| CVE-2025-44891 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function. | |||||
| CVE-2025-44894 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parameter in the web_radiusSrv_dftParam_post function. | |||||
| CVE-2025-44896 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName parameter in the web_acl_bindEdit_post function. | |||||
| CVE-2025-44897 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip parameter in the web_tool_upgradeManager_post function. | |||||
| CVE-2025-44898 | 1 Planet | 2 Wgs-804hpt, Wgs-804hpt Firmware | 2025-05-29 | N/A | 9.8 CRITICAL |
| FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function. | |||||
| CVE-2025-27151 | 2025-05-29 | N/A | 4.7 MEDIUM | ||
| Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before 8.0.2, a stack-based buffer overflow exists in redis-check-aof due to the use of memcpy with strlen(filepath) when copying a user-supplied file path into a fixed-size stack buffer. This allows an attacker to overflow the stack and potentially achieve code execution. This issue has been patched in version 8.0.2. | |||||
| CVE-2025-4501 | 1 Fabianros | 1 Album Management System | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. This affects the function searchalbum of the component Search Albums. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4499 | 1 Fabianros | 1 Simple Hospital Management System | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. Affected by this vulnerability is the function Add of the component Add Information. The manipulation of the argument x[i].name/x[i].disease leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||