Total
2793 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-41902 | 1 Siemens | 1 Jt2go | 2026-06-17 | N/A | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V2406.0003). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-41882 | 2026-06-17 | N/A | N/A | ||
| Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds. | |||||
| CVE-2024-41881 | 2026-06-17 | N/A | 8.8 HIGH | ||
| SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file, arbitrary code may be executed on the user's environment. | |||||
| CVE-2024-41852 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-41630 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 7.6 HIGH |
| Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid parameter at ip/goform/fast_setting_wifi_set. | |||||
| CVE-2024-41592 | 1 Draytek | 48 Vigor1000b, Vigor1000b Firmware, Vigor165 and 45 more | 2026-06-17 | N/A | 8.0 HIGH |
| DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs. | |||||
| CVE-2024-41590 | 1 Draytek | 48 Vigor1000b, Vigor1000b Firmware, Vigor165 and 45 more | 2026-06-17 | N/A | 8.0 HIGH |
| Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6. | |||||
| CVE-2024-41586 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2026-06-17 | N/A | 8.0 HIGH |
| A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute arbitrary code via a long query string to the cgi-bin/ipfedr.cgi component. | |||||
| CVE-2024-41492 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-41466 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting. | |||||
| CVE-2024-41465 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/setcfm. | |||||
| CVE-2024-41463 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/addressNat. | |||||
| CVE-2024-41462 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient. | |||||
| CVE-2024-41460 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic. | |||||
| CVE-2024-41459 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex. | |||||
| CVE-2024-41281 | 1 Linksys | 2 Wrt54g, Wrt54g Firmware | 2026-06-17 | N/A | 8.8 HIGH |
| Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get_merge_mac function. | |||||
| CVE-2024-41170 | 2026-06-17 | N/A | 7.8 HIGH | ||
| A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0015), Tecnomatix Plant Simulation V2404 (All versions < V2404.0004). The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-41166 | 2026-06-17 | N/A | 6.1 MEDIUM | ||
| Stack-based buffer overflow in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2024-40902 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. But when that xattr size is bigger than the expected size, printing it out can cause an access off the end of the buffer. Fix this all up by properly restricting the size of the debug hex dump in the kernel log. | |||||
| CVE-2024-40897 | 1 Gstreamer | 1 Orc | 2026-06-17 | N/A | 6.7 MEDIUM |
| Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments. | |||||
