Export limit exceeded: 14525 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14525 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5099 | 1 Dynamixsoftware | 1 Printershare | 2025-10-08 | 9.8 Critical |
| An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution. | ||||
| CVE-2025-10225 | 2 Axxonsoft, Microsoft | 2 Axxon One, Windows | 2025-10-08 | 7.5 High |
| Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) in the OpenSSL-based session module in AxxonSoft Axxon One (C-Werk) 2.0.6 and earlier on Windows allows a remote attacker under high load conditions to cause application crashes or unpredictable behavior via triggering memory reallocation errors when handling expired session keys. | ||||
| CVE-2024-41026 | 1 Linux | 1 Linux Kernel | 2025-10-07 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: mmc: davinci_mmc: Prevent transmitted data size from exceeding sgm's length No check is done on the size of the data to be transmiited. This causes a kernel panic when this size exceeds the sg_miter's length. Limit the number of transmitted bytes to sgm->length. | ||||
| CVE-2025-9303 | 1 Totolink | 2 A720r, A720r Firmware | 2025-10-06 | 8.8 High |
| A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B20250509. This issue affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument desc results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-9385 | 2 Appneta, Broadcom | 2 Tcpreplay, Tcpreplay | 2025-10-06 | 5.3 Medium |
| A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component. | ||||
| CVE-2025-9386 | 2 Appneta, Broadcom | 2 Tcpreplay, Tcpreplay | 2025-10-06 | 5.3 Medium |
| A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.2-beta3 is sufficient to resolve this issue. You should upgrade the affected component. | ||||
| CVE-2014-2364 | 1 Advantech | 1 Advantech Webaccess | 2025-10-06 | N/A |
| Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx. | ||||
| CVE-2024-33016 | 1 Qualcomm | 669 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 666 more | 2025-10-03 | 6.8 Medium |
| memory corruption when an invalid firehose patch command is invoked. | ||||
| CVE-2014-2357 | 1 Subnet | 1 Substation Server | 2025-10-03 | N/A |
| The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message. | ||||
| CVE-2014-2355 | 1 Ge | 1 Intelligent Platforms Proficy Hmi\/scada Cimplicity | 2025-10-03 | N/A |
| The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM) file. | ||||
| CVE-2025-11081 | 1 Gnu | 1 Binutils | 2025-10-03 | 3.3 Low |
| A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is suggested to install a patch to address this issue. | ||||
| CVE-2025-24797 | 1 Meshtastic | 2 Firmware, Meshtastic Firmware | 2025-10-03 | 9.4 Critical |
| Meshtastic is an open source mesh networking solution. A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as the target device rebroadcasts packets on the default channel. This vulnerability fixed in 2.6.2. | ||||
| CVE-2025-10838 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-10-03 | 8.8 High |
| A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function sub_45BB10 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-9023 | 1 Tenda | 4 Ac18, Ac18 Firmware, Ac7 and 1 more | 2025-10-03 | 8.8 High |
| A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-11091 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-10-03 | 8.8 High |
| A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-11123 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-03 | 8.8 High |
| A flaw has been found in Tenda AC18 15.03.05.19. This impacts an unknown function of the file /goform/saveAutoQos. This manipulation of the argument enable causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used. | ||||
| CVE-2025-11122 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-03 | 8.8 High |
| A vulnerability was detected in Tenda AC18 15.03.05.19. This affects an unknown function of the file /goform/WizardHandle. The manipulation of the argument WANT/mtuvalue results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2025-11120 | 1 Tenda | 3 Ac18, Ac18 Firmware, Ac8 | 2025-10-03 | 8.8 High |
| A weakness has been identified in Tenda AC8 16.03.34.06. The affected element is the function formSetServerConfig of the file /goform/SetServerConfig. Executing manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-11117 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-03 | 8.8 High |
| A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formWrlExtraGet of the file /goform/GstDhcpSetSer. This manipulation of the argument dips causes buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2024-42442 | 1 Ami | 1 Aptio V | 2025-10-02 | 7.2 High |
| APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode. | ||||