Total
2809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-2370 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliSsid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2369 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2263 | 1 Santesoft | 1 Sante Pacs Server | 2026-06-17 | N/A | 9.8 CRITICAL |
| During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long encrypted username or password is supplied by an unauthenticated remote attacker. | |||||
| CVE-2025-2151 | 1 Assimp | 1 Assimp | 2026-06-17 | 7.5 HIGH | 6.3 MEDIUM |
| A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2097 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument loginpass leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-29988 | 1 Dell | 522 14 Plus 2-in-1 Db04250, 14 Plus 2-in-1 Db04250 Firmware, 14 Plus Db14250 and 519 more | 2026-06-17 | N/A | 6.9 MEDIUM |
| Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution. | |||||
| CVE-2025-29951 | 2026-06-17 | N/A | N/A | ||
| A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution. | |||||
| CVE-2025-29840 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2026-06-17 | N/A | 8.8 HIGH |
| Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-29387 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2026-06-17 | N/A | 7.1 HIGH |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
| CVE-2025-29364 | 1 Spimsimulator | 1 Spim | 2026-06-17 | N/A | 6.5 MEDIUM |
| spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READ_SYSCALL and WRITE_SYSCALL system calls. The application verifies the legitimacy of the starting and ending addresses for memory read/write operations. By configuring the starting and ending addresses for memory read/write to point to distinct memory segments within the virtual machine, it is possible to circumvent these checks. | |||||
| CVE-2025-29218 | 1 Tenda | 2 W18e, W18e Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiPwd parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2025-29215 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_43fdcc function at /goform/SetNetControlList. | |||||
| CVE-2025-29214 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_42F69C function at /goform/setMacFilterCfg. | |||||
| CVE-2025-29149 | 1 Tenda | 2 I12, I12 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function. | |||||
| CVE-2025-29135 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability in Tenda AC7 V15.03.06.44 allows a remote attacker to execute arbitrary code through a stack overflow attack using the security parameter of the formWifiBasicSet function. | |||||
| CVE-2025-29121 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow. | |||||
| CVE-2025-29118 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| Tenda AC8 V16.03.34.06 was discovered to contain a stack overflow via the src parameter in the function sub_47D878. | |||||
| CVE-2025-29101 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info function. | |||||
| CVE-2025-29100 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the parameter list. | |||||
| CVE-2025-28344 | 2026-06-17 | N/A | 7.5 HIGH | ||
| striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack. | |||||
