Total
3125 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-40674 | 1 Google | 1 Android | 2025-04-22 | N/A | 5.3 MEDIUM |
| In validateSsid of WifiConfigurationUtil.java, there is a possible way to overflow a system configuration file due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-57537 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 6.3 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification. | |||||
| CVE-2024-57538 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 6.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification. | |||||
| CVE-2024-57540 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 6.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification. | |||||
| CVE-2024-57541 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 5.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification. | |||||
| CVE-2024-57543 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 5.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification. | |||||
| CVE-2024-57544 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 5.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification. | |||||
| CVE-2024-57545 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 5.5 MEDIUM |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification. | |||||
| CVE-2025-28221 | 2025-04-21 | N/A | 7.5 HIGH | ||
| Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the set_local_time function, which allows remote attackers to cause web server crash via parameter time passed to the binary through a POST request. | |||||
| CVE-2025-28220 | 2025-04-21 | N/A | 7.5 HIGH | ||
| Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the setcfm function, which allows remote attackers to cause web server crash via parameter funcpara1 passed to the binary through a POST request. | |||||
| CVE-2025-29045 | 1 Alfa | 2 Wifi Camppro, Wifi Camppro Firmware | 2025-04-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value | |||||
| CVE-2025-29044 | 1 Netgear | 2 R6100, R6100 Firmware | 2025-04-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value | |||||
| CVE-2025-29625 | 2025-04-21 | N/A | 7.8 HIGH | ||
| A buffer overflow vulnerability in Astrolog v7.70 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via an overly long environment variable passed to FileOpen function. | |||||
| CVE-2016-8714 | 2 Debian, R Project | 2 Debian Linux, R | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability. | |||||
| CVE-2017-0594 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444. | |||||
| CVE-2017-15222 | 1 Nftp Project | 1 Nftp | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2017-8278 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur. | |||||
| CVE-2017-0442 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32871330. References: QC-CR#1092497. | |||||
| CVE-2017-0767 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407. | |||||
| CVE-2017-6058 | 1 Qemu | 1 Qemu | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of service (out-of-bounds access and QEMU process crash) via vectors related to VLAN stripping. | |||||