Total
1613 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-10042 | 2025-07-31 | N/A | N/A | ||
| A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the handling of the FTP PASS command. When an attacker sends a specially crafted password string, the application fails to validate input length, resulting in memory corruption. This can lead to denial of service or arbitrary code execution. Exploitation requires the anonymous user account to be enabled. | |||||
| CVE-2025-0649 | 1 Google | 1 Tensorflow Serving | 2025-07-31 | N/A | 7.5 HIGH |
| Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash. | |||||
| CVE-2025-8184 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2025-07-31 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-513 up to 1.10 and classified as critical. This issue affects the function formSetWanL2TPcallback of the file /goform/formSetWanL2TPtriggers of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-4447 | 1 Eclipse | 1 Openj9 | 2025-07-31 | N/A | 9.8 CRITICAL |
| In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts. | |||||
| CVE-2025-1253 | 1 Rti | 1 Connext Professional | 2025-07-31 | N/A | 7.8 HIGH |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Stack-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42, from 5.3.0 before 5.3.*, from 4.5c before 5.2.*. | |||||
| CVE-2024-34171 | 1 Fujielectric | 1 Monitouch V-sft | 2025-07-30 | N/A | 7.8 HIGH |
| Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. | |||||
| CVE-2025-3820 | 1 Tenda | 4 I24, I24 Firmware, W12 and 1 more | 2025-07-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3802 | 1 Tenda | 4 I24, I24 Firmware, W12 and 1 more | 2025-07-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3803 | 1 Tenda | 4 I24, I24 Firmware, W12 and 1 more | 2025-07-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4007 | 1 Tenda | 4 I24, I24 Firmware, W12 and 1 more | 2025-07-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-48796 | 2025-07-30 | N/A | 7.3 HIGH | ||
| A flaw was found in GIMP. The GIMP ani_load_image() function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution. | |||||
| CVE-2014-125114 | 2025-07-29 | N/A | N/A | ||
| A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow during scheduled download parsing, potentially leading to arbitrary code execution or a crash. | |||||
| CVE-2014-125117 | 2025-07-29 | N/A | N/A | ||
| A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices, including the DSP-W215 version 1.02, can be exploited via a specially crafted HTTP POST request to the /common/info.cgi endpoint. This flaw enables an unauthenticated attacker to achieve remote code execution with system-level privileges. | |||||
| CVE-2024-1598 | 2025-07-28 | N/A | 7.5 HIGH | ||
| Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before 4.1.0.567. | |||||
| CVE-2025-51088 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-07-28 | N/A | 5.3 MEDIUM |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow. | |||||
| CVE-2025-51087 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-07-28 | N/A | 8.6 HIGH |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. | |||||
| CVE-2025-51085 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-07-28 | N/A | 5.3 MEDIUM |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone` and `timeType` leads to stack-based buffer overflow. | |||||
| CVE-2025-51082 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-07-28 | N/A | 5.3 MEDIUM |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/fast_setting_wifi_set. The manipulation of the argument `timeZone` leads to stack-based buffer overflow. | |||||
| CVE-2024-33513 | 1 Arubanetworks | 1 Arubaos | 2025-07-28 | N/A | 5.9 MEDIUM |
| Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. | |||||
| CVE-2024-33514 | 1 Arubanetworks | 1 Arubaos | 2025-07-28 | N/A | 5.3 MEDIUM |
| Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. | |||||