Total
2196 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-9284 | 1 Tp-link | 2 Tl-wr841nd, Tl-wr841nd Firmware | 2025-07-15 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-7597 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-07-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda AX1803 1.0.0.1. Affected is the function formSetMacFilterCfg of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7505 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7506 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-4171 | 1 Tenda | 2 W30e, W30e Firmware | 2025-07-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda W30E 1.0/1.0.1.25. Affected is the function fromWizardHandle of the file /goform/WizardHandle. The manipulation of the argument PPW leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-261990 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-58117 | 1 Huawei | 1 Harmonyos | 2025-07-15 | N/A | 4.0 MEDIUM |
| Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. | |||||
| CVE-2025-5228 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-07-15 | 8.3 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5451 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2025-07-15 | N/A | 4.9 MEDIUM |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service. | |||||
| CVE-2025-53171 | 1 Huawei | 1 Harmonyos | 2025-07-14 | N/A | 4.0 MEDIUM |
| Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. | |||||
| CVE-2025-53172 | 1 Huawei | 1 Harmonyos | 2025-07-14 | N/A | 4.0 MEDIUM |
| Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. | |||||
| CVE-2025-53173 | 1 Huawei | 1 Harmonyos | 2025-07-14 | N/A | 5.3 MEDIUM |
| Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. | |||||
| CVE-2025-53174 | 1 Huawei | 1 Harmonyos | 2025-07-14 | N/A | 4.0 MEDIUM |
| Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. | |||||
| CVE-2025-6617 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2025-07-14 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-6616 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2025-07-14 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWAN_Wizard51 of the file /goform/formSetWAN_Wizard51. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-6615 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2025-07-14 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWAN_wizard4 of the file /goform/formAutoDetecWAN_wizard4. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-53175 | 1 Huawei | 1 Harmonyos | 2025-07-14 | N/A | 4.0 MEDIUM |
| Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. | |||||
| CVE-2025-53176 | 1 Huawei | 1 Harmonyos | 2025-07-14 | N/A | 3.3 LOW |
| Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. | |||||
| CVE-2025-7194 | 1 Dlink | 2 Di-500wf, Di-500wf Firmware | 2025-07-14 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ip_position.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7206 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2025-07-14 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in D-Link DIR-825 2.10. This issue affects the function sub_410DDC of the file switch_language.cgi of the component httpd. The manipulation of the argument Language leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-6334 | 1 Dlink | 2 Dir-867, Dir-867 Firmware | 2025-07-11 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in D-Link DIR-867 1.0 and classified as critical. This vulnerability affects the function strncpy of the component Query String Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||