Total
2851 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-5624 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulnerability affects the function QoSPortSetup of the file /goform/QoSPortSetup. The manipulation of the argument port0_group/port0_remarker/ssid0_group/ssid0_remarker leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5623 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affects the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5622 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g of the file /goform/wirelessApcli_5g. The manipulation of the argument apcli_mode_5g/apcli_enc_5g/apcli_default_key_5g leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5619 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5600 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument LangType leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5572 | 1 Dlink | 2 Dcs-932l, Dcs-932l Firmware | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected by this vulnerability is the function setSystemEmail of the file /setSystemEmail. The manipulation of the argument EmailSMTPPortNumber leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5555 | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH | ||
| A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the function sub_11100 in the library wnport.sys of the component IOCTL Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.0.1 is able to mitigate this issue. Upgrading the affected component is recommended. The vendor was contacted beforehand and was able to provide a patch very early. | |||||
| CVE-2025-5527 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda RX3 16.03.13.11_multi_TDE01. It has been rated as critical. This issue affects the function save_staticroute_data of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5503 | 1 Totolink | 2 X15, X15 Firmware | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. This affects the function formMapReboot of the file /boafrm/formMapReboot. The manipulation of the argument deviceMacAddr leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-5451 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2026-06-17 | N/A | 4.9 MEDIUM |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service. | |||||
| CVE-2025-5297 | 1 Razormist | 1 Simple Computer Store System | 2026-06-17 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipulation of the argument laptopcompany/RAM/Processor leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5228 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2026-06-17 | 8.3 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5215 | 1 Dlink | 2 Dcs-5020l, Dcs-5020l Firmware | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. This affects the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the argument Authorization leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5080 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-59801 | 2026-06-17 | N/A | 4.3 MEDIUM | ||
| In Artifex GhostXPS before 10.06.0, there is a stack-based buffer overflow in xps_unpredict_tiff in xpstiff.c because the samplesperpixel value is not checked. | |||||
| CVE-2025-59799 | 1 Artifex | 1 Ghostscript | 2026-06-17 | N/A | 4.3 MEDIUM |
| Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. | |||||
| CVE-2025-59798 | 1 Artifex | 1 Ghostscript | 2026-06-17 | N/A | 4.3 MEDIUM |
| Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. | |||||
| CVE-2025-59613 | 1 Qualcomm | 88 Cologne, Cologne Firmware, Fastconnect 6700 and 85 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| Memory Corruption when output buffer size is smaller than input buffer size during data copying operation. | |||||
| CVE-2025-59612 | 1 Qualcomm | 62 Cologne, Cologne Firmware, Fastconnect 6700 and 59 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| Memory corruption in windows drivers while sending incorrect trusted application request | |||||
| CVE-2025-59383 | 1 Qnap | 1 Media Streaming Add-on | 2026-06-17 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability has been reported to affect Media Streaming Add-On. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Media Streaming Add-on 500.1.1 and later | |||||
