Export limit exceeded: 20742 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20742 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-51005 | 2 Appneta, Broadcom | 2 Tcpreplay, Tcpreplay | 2025-10-08 | 7.5 High |
| A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible denial of service. | ||||
| CVE-2024-46718 | 1 Linux | 1 Linux Kernel | 2025-10-08 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't overmap identity VRAM mapping Overmapping the identity VRAM mapping is triggering hardware bugs on certain platforms. Use 2M pages for the last unaligned (to 1G) VRAM chunk. v2: - Always use 2M pages for last chunk (Fei Yang) - break loop when 2M pages are used - Add assert for usable_size being 2M aligned v3: - Fix checkpatch | ||||
| CVE-2024-36468 | 1 Zabbix | 1 Zabbix | 2025-10-08 | 3 Low |
| The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking. | ||||
| CVE-2025-25528 | 1 Wavlink | 2 Wl-wn575a3, Wl-wn575a3 Firmware | 2025-10-07 | 5.1 Medium |
| Multiple buffer overflow vulnerabilities in Wavlink WL-WN575A3 RPT75A3.V4300, which are caused by not performing strict length checks on user-controlled data. By successfully exploiting the vulnerabilities, attackers can crash the remote devices or execute arbitrary commands without any authorization verification. | ||||
| CVE-2024-41018 | 1 Linux | 1 Linux Kernel | 2025-10-07 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attr_names and oatbl Added out-of-bound checking for *ane (ATTR_NAME_ENTRY). | ||||
| CVE-2025-59362 | 1 Squid-cache | 1 Squid | 2025-10-07 | 4 Medium |
| Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c. | ||||
| CVE-2025-60660 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 7.5 High |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the mac parameter in the fromAdvSetMacMtuWan function. | ||||
| CVE-2025-60662 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 7.5 High |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanSpeed parameter in the fromAdvSetMacMtuWan function. | ||||
| CVE-2025-60663 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 7.5 High |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanMTU parameter in the fromAdvSetMacMtuWan function. | ||||
| CVE-2025-60661 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 5.3 Medium |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the cloneType parameter in the fromAdvSetMacMtuWan function. | ||||
| CVE-2025-61691 | 1 Keyence | 1 Vt Studio | 2025-10-07 | 7.8 High |
| VT STUDIO versions 8.53 and prior contain an out-of-bounds read vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product. | ||||
| CVE-2025-11279 | 1 Axosoft | 1 Scrum And Bug Tracking | 2025-10-06 | 5.5 Medium |
| A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-45552 | 1 Qualcomm | 292 Apq8064au, Apq8064au Firmware, Fastconnect 6200 and 289 more | 2025-10-06 | 8.2 High |
| Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. | ||||
| CVE-2025-21448 | 1 Qualcomm | 538 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 535 more | 2025-10-06 | 7.5 High |
| Transient DOS may occur while parsing SSID in action frames. | ||||
| CVE-2025-21435 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Csr8811 and 295 more | 2025-10-06 | 7.5 High |
| Transient DOS may occur while parsing extended IE in beacon. | ||||
| CVE-2025-21434 | 1 Qualcomm | 244 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 241 more | 2025-10-06 | 7.5 High |
| Transient DOS may occur while parsing EHT operation IE or EHT capability IE. | ||||
| CVE-2025-21430 | 1 Qualcomm | 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 447 more | 2025-10-06 | 7.5 High |
| Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. | ||||
| CVE-2025-9303 | 1 Totolink | 2 A720r, A720r Firmware | 2025-10-06 | 8.8 High |
| A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B20250509. This issue affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument desc results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2014-2364 | 1 Advantech | 1 Advantech Webaccess | 2025-10-06 | N/A |
| Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx. | ||||
| CVE-2025-59149 | 1 Oisf | 1 Suricata | 2025-10-06 | 6.2 Medium |
| Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms. | ||||