Total
2849 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-52539 | 2026-06-17 | N/A | 7.3 HIGH | ||
| A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt data from the advanced extensible interface (AXI), potentially resulting in loss of confidentiality, integrity, and/or availability. | |||||
| CVE-2025-52292 | 1 Gpac | 1 Gpac | 2026-06-17 | N/A | 7.5 HIGH |
| A stack buffer overflow in the filein_process function (in_file.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | |||||
| CVE-2025-52194 | 1 Libsndfile Project | 1 Libsndfile | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution. | |||||
| CVE-2025-52082 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the read_access parameter. | |||||
| CVE-2025-52081 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the usb_folder parameter. | |||||
| CVE-2025-52080 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the share_name parameter. | |||||
| CVE-2025-51385 | 1 Dlink | 2 Di-8200, Di-8200 Firmware | 2026-06-17 | N/A | 3.5 LOW |
| D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz_dlink_asp function via the id parameter. | |||||
| CVE-2025-51384 | 1 Dlink | 2 Di-8200, Di-8200 Firmware | 2026-06-17 | N/A | 3.5 LOW |
| D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter. | |||||
| CVE-2025-51383 | 1 Dlink | 2 Di-8200, Di-8200 Firmware | 2026-06-17 | N/A | 3.5 LOW |
| D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter. | |||||
| CVE-2025-50671 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_ref.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with excessively long strings in parameters name, en, user_id, shibie_name, time, act, log, and rpri. | |||||
| CVE-2025-50664 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr. | |||||
| CVE-2025-50663 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usb_paswd.asp endpoint. | |||||
| CVE-2025-50662 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_group.asp endpoint. | |||||
| CVE-2025-50661 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /url_rule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log. | |||||
| CVE-2025-50660 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_member.asp endpoint. | |||||
| CVE-2025-50659 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom_error parameter in the /user.asp endpoint. | |||||
| CVE-2025-50657 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint. | |||||
| CVE-2025-50655 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thd_group.asp endpoint. | |||||
| CVE-2025-50528 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-06-17 | N/A | 7.3 HIGH |
| A buffer overflow vulnerability exists in the fromNatStaticSetting function of Tenda AC6 <=V15.03.05.19 via the page parameter. | |||||
| CVE-2025-50464 | 1 Iptime | 2 Nas, Nas Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENT_TYPE HTTP header into a fixed-size stack buffer (v8, allocated 8 bytes) without bounds checking. Since this operation occurs before authentication logic is executed, the vulnerability is exploitable pre-authentication. | |||||
