Vulnerabilities (CVE)

Filtered by CWE-121
Total 2849 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-47760 1 Fujielectric 1 Monitouch V-sft 2026-06-17 N/A 7.8 HIGH
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
CVE-2025-47759 1 Fujielectric 1 Monitouch V-sft 2026-06-17 N/A 7.8 HIGH
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
CVE-2025-47758 1 Fujielectric 1 Monitouch V-sft 2026-06-17 N/A 7.8 HIGH
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
CVE-2025-47391 1 Qualcomm 202 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 199 more 2026-06-17 N/A 7.8 HIGH
Memory corruption while processing a frame request from user.
CVE-2025-47360 1 Qualcomm 70 Qam8255p, Qam8255p Firmware, Qam8295p and 67 more 2026-06-17 N/A 7.8 HIGH
Memory corruption while processing client message during device management.
CVE-2025-47347 1 Qualcomm 74 Qam8255p, Qam8255p Firmware, Qam8295p and 71 more 2026-06-17 N/A 7.8 HIGH
Memory corruption while processing control commands in the virtual memory management interface.
CVE-2025-47120 2 Adobe, Microsoft 2 Framemaker, Windows 2026-06-17 N/A 5.5 MEDIUM
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-46836 2026-06-17 N/A 6.6 MEDIUM
net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (like ifconfig) from the net-tools package do not properly validate the structure of /proc files when showing interfaces. `get_name()` in `interface.c` copies interface labels from `/proc/net/dev` into a fixed 16-byte stack buffer without bounds checking, leading to possible arbitrary code execution or crash. The known attack path does not require privilege but also does not provide privilege escalation in this scenario. A patch is available and expected to be part of version 2.20.
CVE-2025-46411 1 Libbiosig Project 1 Libbiosig 2026-06-17 N/A 8.1 HIGH
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2025-46405 1 F5 1 Big-ip Access Policy Manager 2026-06-17 N/A 7.5 HIGH
When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-45867 1 Totolink 2 A3002r, A3002r Firmware 2026-06-17 N/A 5.4 MEDIUM
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the static_dns1 parameter in the formIpv6Setup interface.
CVE-2025-45862 1 Totolink 2 A3002r, A3002r Firmware 2026-06-17 N/A 6.5 MEDIUM
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface.
CVE-2025-45847 1 Alfa 2 Aip-w512, Aip-w512 Firmware 2026-06-17 N/A 6.5 MEDIUM
ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an authenticated stack overflow via the targetAPMac parameter in the formWsc function.
CVE-2025-45846 1 Alfa 2 Aip-w512, Aip-w512 Firmware 2026-06-17 N/A 8.8 HIGH
ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an authenticated stack overflow via the torrentsindex parameter in the formBTClinetSetting function.
CVE-2025-45845 1 Totolink 2 Nr1800x, Nr1800x Firmware 2026-06-17 N/A 8.8 HIGH
TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyGuestCfg function.
CVE-2025-45844 1 Totolink 2 Nr1800x, Nr1800x Firmware 2026-06-17 N/A 8.8 HIGH
TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiBasicCfg function.
CVE-2025-45843 1 Totolink 2 Nr1800x, Nr1800x Firmware 2026-06-17 N/A 8.8 HIGH
TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiGuestCfg function.
CVE-2025-45842 1 Totolink 2 Nr1800x, Nr1800x Firmware 2026-06-17 N/A 8.8 HIGH
TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyCfg function.
CVE-2025-45841 1 Totolink 2 Nr1800x, Nr1800x Firmware 2026-06-17 N/A 9.8 CRITICAL
TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function.
CVE-2025-45797 1 Totolink 2 A950rg, A950rg Firmware 2026-06-17 N/A 9.8 CRITICAL
TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.