Total
2793 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-46546 | 1 Nextu | 2 Fleta Ax1500, Fleta Ax1500 Firmware | 2026-06-17 | N/A | 7.3 HIGH |
| NEXTU FLETA AX1500 WIFI6 Router v1.0.3 was discovered to contain a stack overflow via the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-46435 | 1 Tenda | 2 W18e, W18e Firmware | 2026-06-17 | N/A | 8.0 HIGH |
| A stack overflow vulnerability in the Tenda W18E V16.01.0.8(1625) web management portal allows an authenticated remote attacker to cause a denial of service or potentially execute arbitrary code. This vulnerability occurs due to improper input validation when handling user-supplied data in the delFacebookPic function. | |||||
| CVE-2024-46325 | 1 Tp-link | 2 Wr740n, Wr740n Firmware | 2026-06-17 | N/A | 5.5 MEDIUM |
| TP-Link WR740N V6 has a stack overflow vulnerability via the ssid parameter in /userRpm/popupSiteSurveyRpm.htm url. | |||||
| CVE-2024-46313 | 1 Tp-link | 2 Wr941nd, Wr941nd Firmware | 2026-06-17 | N/A | 8.0 HIGH |
| TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm. | |||||
| CVE-2024-46049 | 1 Tenda | 2 O6, O6 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function. | |||||
| CVE-2024-46047 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function. | |||||
| CVE-2024-46046 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function. | |||||
| CVE-2024-46044 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function. | |||||
| CVE-2024-45695 | 1 Dlink | 2 Dir-x4860, Dir-x4860 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device. | |||||
| CVE-2024-45694 | 1 Dlink | 4 Dir-x4860, Dir-x4860 Firmware, Dir-x5460 and 1 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device. | |||||
| CVE-2024-45542 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 99 more | 2026-06-17 | N/A | 7.8 HIGH |
| Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. | |||||
| CVE-2024-45415 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in check_data_integrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in the request, the function decrypts it and stores the checksum on the stack without validating it. An unauthenticated attacker can get RCE as root by exploiting this vulnerability. | |||||
| CVE-2024-45414 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checking its length. An unauthenticated attacker can get RCE as root by exploiting this vulnerability. | |||||
| CVE-2024-45413 | 2026-06-17 | N/A | 8.1 HIGH | ||
| The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in rsa_decrypt function. This function is an API wrapper for LUA to decrypt RSA encrypted ciphertext, the decrypted data is stored on the stack without checking its length. An authenticated attacker can get RCE as root by exploiting this vulnerability. | |||||
| CVE-2024-45318 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2026-06-17 | N/A | 8.1 HIGH |
| A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution. | |||||
| CVE-2024-45162 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| A stack-based buffer overflow issue was discovered in the phddns client in Blu-Castle BCUM221E 1.0.0P220507 via the password field. | |||||
| CVE-2024-45158 | 1 Trustedfirmware | 1 Mbed Tls | 2026-06-17 | N/A | 9.8 CRITICAL |
| An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. (This never happens in internal library calls, but can affect applications that call these functions directly.) | |||||
| CVE-2024-45062 | 1 Openprinting | 2 Ippusbxd, Ippusbxd Firmware | 2026-06-17 | N/A | 6.4 MEDIUM |
| A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer that supports IPP-over-USB can cause a buffer overflow which can lead to a arbitrary code execution in a privileged service. To trigger the vulnerability, a malicious device would need to be connected to the vulnerable system over USB. | |||||
| CVE-2024-44859 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2026-06-17 | N/A | 8.0 HIGH |
| Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`. | |||||
| CVE-2024-44674 | 1 Dlink | 2 Covr-2600r, Covr-2600r Firmware | 2026-06-17 | N/A | 5.7 MEDIUM |
| D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src. | |||||
