Total
3526 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-48260 | 1 Huawei | 2 Bisheng-wnm, Bisheng-wnm Firmware | 2025-03-11 | N/A | 7.5 HIGH |
| There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions. | |||||
| CVE-2023-22753 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-11 | N/A | 8.1 HIGH |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-53695 | 2025-03-07 | N/A | N/A | ||
| A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later | |||||
| CVE-2022-47664 | 1 Struktur | 1 Libde265 | 2025-03-07 | N/A | 7.8 HIGH |
| Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse | |||||
| CVE-2023-20624 | 2 Google, Mediatek | 16 Android, Mt6789, Mt6833 and 13 more | 2025-03-06 | N/A | 6.7 MEDIUM |
| In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628530; Issue ID: ALPS07628530. | |||||
| CVE-2023-1161 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-03-05 | N/A | 6.3 MEDIUM |
| ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2025-25343 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-05 | N/A | 9.8 CRITICAL |
| Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. | |||||
| CVE-2025-1899 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-03-05 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1895 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-03-05 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-6948 | 2025-03-04 | N/A | 3.0 LOW | ||
| A Buffer Copy without Checking Size of Input issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the sdk_printf function implemented in the libv2_sdk.so library used by the dji_vtwo_sdk binary implementing the service, compromising it in a term of availability and producing a denial-of-service attack. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620. | |||||
| CVE-2025-23234 | 2025-03-04 | N/A | 3.3 LOW | ||
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. | |||||
| CVE-2025-22897 | 2025-03-04 | N/A | 3.3 LOW | ||
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. | |||||
| CVE-2025-1898 | 2025-03-04 | 6.8 MEDIUM | 6.5 MEDIUM | ||
| A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1897 | 2025-03-04 | 6.8 MEDIUM | 6.5 MEDIUM | ||
| A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. This issue affects some unknown processing of the file /goform/SetNetControlList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1896 | 2025-03-04 | 6.8 MEDIUM | 6.5 MEDIUM | ||
| A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1786 | 2025-03-03 | 4.3 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability was found in rizinorg rizin up to 0.7.4. It has been rated as critical. This issue affects the function msf_stream_directory_free in the library /librz/bin/pdb/pdb.c. The manipulation of the argument -P leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 0.8.0 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2021-45423 | 1 Pev Project | 1 Pev | 2025-03-03 | N/A | 9.8 CRITICAL |
| A Buffer Overflow vulnerabilityexists in Pev 0.81 via the pe_exports function from exports.c.. The array offsets_to_Names is dynamically allocated on the stack using exp->NumberOfFunctions as its size. However, the loop uses exp->NumberOfNames to iterate over it and set its components value. Therefore, the loop code assumes that exp->NumberOfFunctions is greater than ordinal at each iteration. This can lead to arbitrary code execution. | |||||
| CVE-2024-8573 | 1 Totolink | 4 T10, T10 Firmware, T8 and 1 more | 2025-03-03 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. This affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc/week/sTime/eTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-26076 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 2200 and 7 more | 2025-03-03 | N/A | 7.6 HIGH |
| An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G SM message codec can occur due to insufficient parameter validation when decoding reserved options. | |||||
| CVE-2024-43055 | 2025-03-03 | N/A | 7.8 HIGH | ||
| Memory corruption while processing camera use case IOCTL call. | |||||