Total
2849 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-57071 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the vpnUsers parameter in the formAddVpnUsers function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57070 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57069 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pPppUser parameter in the getsinglepppuser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57064 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57063 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57062 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57061 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57060 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the rules parameter in the dns_forward_rule_store function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57059 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57058 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57057 | 1 Tenda | 2 G3, G3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-55852 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the formWifiBasicSet function via the parameter security or security_5g. | |||||
| CVE-2025-55763 | 1 Civetweb Project | 1 Civetweb | 2026-06-17 | N/A | 7.5 HIGH |
| Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution. | |||||
| CVE-2025-55503 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-06-17 | N/A | 7.3 HIGH |
| Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function. | |||||
| CVE-2025-55498 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function. | |||||
| CVE-2025-55483 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList. | |||||
| CVE-2025-55482 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function. | |||||
| CVE-2025-55117 | 1 Bmc | 1 Control-m\/agent | 2026-06-17 | N/A | 5.3 MEDIUM |
| A stack-based buffer overflow can be remotely triggered when formatting an error message in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: * Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "use_openssl=n"; * Control-M/Agent 9.0.21 and 9.0.22: Agent router configuration uses the non-default settings "JAVA_AR=N" and "use_openssl=n". | |||||
| CVE-2025-55116 | 1 Bmc | 1 Control-m\/agent | 2026-06-17 | N/A | 8.8 HIGH |
| A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions. | |||||
| CVE-2025-55095 | 1 Eclipse | 1 Threadx Usbx | 2026-06-17 | N/A | 4.2 MEDIUM |
| The function _ux_host_class_storage_media_mount() is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in _ux_host_class_storage_partition_read(), which parses up to four partition entries. If an extended partition is found (with type UX_HOST_CLASS_STORAGE_PARTITION_EXTENDED or EXTENDED_LBA_MAPPED), the code invokes: _ux_host_class_storage_media_mount(storage, sector + _ux_utility_long_get(...)); There is no limit on the recursion depth or tracking of visited sectors. As a result, a malicious or malformed disk image can include cyclic or excessively deep chains of extended partitions, causing the function to recurse until stack overflow occurs. | |||||
