Total
2851 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-63152 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the wpapsk_crypto parameter of the wlSetExternParameter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63149 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the urls parameter of the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63147 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the deviceId parameter of the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-62858 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build 20260214 and later QuTS hero h5.2.9.3410 build 20260214 and later QuTS hero h5.3.4.3500 build 20260520 and later QuTS hero h6.0.0.3397 build 20260206 and later | |||||
| CVE-2025-62852 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: QTS 5.2.8.3332 build 20251128 and later | |||||
| CVE-2025-62691 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| Security Point (Windows) of MaLion and MaLionCloud contains a stack-based buffer overflow vulnerability in processing HTTP headers. Receiving a specially crafted request from a remote unauthenticated attacker could lead to arbitrary code execution with SYSTEM privilege. | |||||
| CVE-2025-62580 | 1 Deltaww | 1 Asda Soft | 2026-06-17 | N/A | 7.8 HIGH |
| ASDA-Soft Stack-based Buffer Overflow Vulnerability | |||||
| CVE-2025-62579 | 1 Deltaww | 1 Asda Soft | 2026-06-17 | N/A | 7.8 HIGH |
| ASDA-Soft Stack-based Buffer Overflow Vulnerability | |||||
| CVE-2025-62507 | 1 Redis | 1 Redis | 2026-06-17 | N/A | 8.8 HIGH |
| Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To workaround this issue without patching the redis-server executable is to prevent users from executing XACKDEL operation. This can be done using ACL to restrict XACKDEL command. | |||||
| CVE-2025-61856 | 1 Fujielectric | 1 Monitouch V-sft | 2026-06-17 | N/A | 7.8 HIGH |
| A stack-based buffer overflow vulnerability exists in VS6ComFile!CV7BaseMap::WriteV7DataToRom of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | |||||
| CVE-2025-61577 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| D-Link DIR-816A2_FWv1.10CNB05 was discovered to contain a stack overflow via the statuscheckpppoeuser parameter in the dir_setWanWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2025-61128 | 2026-06-17 | N/A | 9.1 CRITICAL | ||
| Stack-based buffer overflow vulnerability in WAVLINK QUANTUM D3G/WL-WN530HG3 firmware M30HG3_V240730, and possibly other wavlink models allows attackers to execute arbitrary code via crafted referrer value POST to login.cgi. | |||||
| CVE-2025-60751 | 2026-06-17 | N/A | 7.5 HIGH | ||
| GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode. | |||||
| CVE-2025-60699 | 1 Totolink | 2 A950rg, A950rg Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `global.so` binary. The `getSaveConfig` function retrieves the `http_host` parameter from user input via `websGetVar` and copies it into a fixed-size stack buffer (`v13`) using `strcpy()` without performing any length checks. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to the router's web interface, potentially leading to arbitrary code execution. | |||||
| CVE-2025-60663 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanMTU parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60662 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanSpeed parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60661 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 5.3 MEDIUM |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the cloneType parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60660 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the mac parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60572 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvNetwork. | |||||
| CVE-2025-60571 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| D-Link DIR600LAx FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetQoS. | |||||
