Vulnerabilities (CVE)

Filtered by CWE-787
Total 14129 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-26336 1 Dell 4 Chassis Management Controller For Poweredge Fx2, Chassis Management Controller For Poweredge Fx2 Firmware, Chassis Management Controller For Poweredge Vrtx and 1 more 2026-06-17 N/A 8.3 HIGH
Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.
CVE-2025-25901 1 Tp-link 2 Tl-wr841nd, Tl-wr841nd Firmware 2026-06-17 N/A 7.5 HIGH
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11, triggered by the dnsserver1 and dnsserver2 parameters at /userRpm/WanSlaacCfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.
CVE-2025-25898 1 Tp-link 2 Tl-wr841nd, Tl-wr841nd Firmware 2026-06-17 N/A 7.5 HIGH
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the pskSecret parameter at /userRpm/WlanSecurityRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.
CVE-2025-25897 1 Tp-link 2 Tl-wr841nd, Tl-wr841nd Firmware 2026-06-17 N/A 7.5 HIGH
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'ip' parameter at /userRpm/WanStaticIpV6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.
CVE-2025-25746 1 Dlink 2 Dir-853, Dir-853 Firmware 2026-06-17 N/A 9.8 CRITICAL
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetWanSettings module.
CVE-2025-25744 1 Dlink 2 Dir-853, Dir-853 Firmware 2026-06-17 N/A 9.8 CRITICAL
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetDynamicDNSSettings module.
CVE-2025-25742 1 Dlink 2 Dir-853, Dir-853 Firmware 2026-06-17 N/A 9.8 CRITICAL
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the AccountPassword parameter in the SetSysEmailSettings module.
CVE-2025-25664 1 Tenda 2 Ac8, Ac8 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function.
CVE-2025-25663 1 Tenda 2 Ac8, Ac8 Firmware 2026-06-17 N/A 9.8 CRITICAL
A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow.
CVE-2025-25372 1 Nasa 1 Core Flight System 2026-06-17 N/A 7.5 HIGH
NASA cFS (Core Flight System) Aquila is vulnerable to segmentation fault via sending a malicious telecommand to the Memory Management Module.
CVE-2025-25249 1 Fortinet 3 Fortios, Fortisase, Fortiswitchmanager 2026-06-17 N/A 8.1 HIGH
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets
CVE-2025-25050 2026-06-17 N/A 8.8 HIGH
An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an out-of-bounds write. An attacker can issue an API call to trigger this vulnerability.
CVE-2025-24453 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24452 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24451 1 Adobe 1 Substance 3d Painter 2026-06-17 N/A 7.8 HIGH
Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24450 1 Adobe 1 Substance 3d Painter 2026-06-17 N/A 7.8 HIGH
Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24445 1 Adobe 1 Substance 3d Sampler 2026-06-17 N/A 7.8 HIGH
Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24444 1 Adobe 1 Substance 3d Sampler 2026-06-17 N/A 7.8 HIGH
Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24443 1 Adobe 1 Substance 3d Sampler 2026-06-17 N/A 7.8 HIGH
Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24442 1 Adobe 1 Substance 3d Sampler 2026-06-17 N/A 7.8 HIGH
Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.