Export limit exceeded: 20757 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20757 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-43689 | 1 Elecom | 4 Wab-i1750-ps, Wab-i1750-ps Firmware, Wab-s1167-ps and 1 more | 2025-09-04 | 9.8 Critical |
| Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed. | ||||
| CVE-2024-31225 | 1 Riot-os | 1 Riot | 2025-09-04 | 8.4 High |
| RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. The `_on_rd_init()` function does not implement a size check before copying data to the `_result_buf` static buffer. If an attacker can craft a long enough payload, they could cause a buffer overflow. If the unchecked input above is attacker-controlled and crosses a security boundary, the impact of the buffer overflow vulnerability could range from denial of service to arbitrary code execution. This issue has yet to be patched. Users are advised to add manual bounds checking. | ||||
| CVE-2024-43031 | 2 Autman, Dlink | 2 Autman, Autman | 2025-09-03 | 4.3 Medium |
| autMan v2.9.6 was discovered to contain an access control issue. | ||||
| CVE-2024-43032 | 2 Autman, Dlink | 2 Autman, Autman | 2025-09-03 | 4.3 Medium |
| autMan v2.9.6 allows attackers to bypass authentication via a crafted web request. | ||||
| CVE-2024-8587 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-09-03 | 7.8 High |
| A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2018-6339 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2025-09-03 | N/A |
| When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed in. An off-by-one error meant that data was written beyond the allocated space on the stack. This issue affects WhatsApp for Android starting in version 2.18.180 and was fixed in version 2.18.295. It also affects WhatsApp Business for Android starting in version v2.18.103 and was fixed in version v2.18.150. | ||||
| CVE-2018-6349 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2025-09-03 | 9.8 Critical |
| When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for Android prior to 2.18.248 and WhatsApp Business for Android prior to 2.18.132. | ||||
| CVE-2018-6350 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2025-09-03 | N/A |
| An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. This issue affects WhatsApp for Android prior to 2.18.276, WhatsApp Business for Android prior to 2.18.99, WhatsApp for iOS prior to 2.18.100.6, WhatsApp Business for iOS prior to 2.18.100.2, and WhatsApp for Windows Phone prior to 2.18.224. | ||||
| CVE-2018-20655 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2025-09-03 | 9.8 Critical |
| When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for iOS prior to v2.18.90.24 and WhatsApp Business for iOS prior to v2.18.90.24. | ||||
| CVE-2025-32387 | 1 Helm | 1 Helm | 2025-09-03 | 6.5 Medium |
| Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3. | ||||
| CVE-2025-55495 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-09-03 | 6.5 Medium |
| Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. | ||||
| CVE-2025-57217 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-09-03 | 5.3 Medium |
| Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler. | ||||
| CVE-2025-57218 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-09-03 | 5.3 Medium |
| Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C. | ||||
| CVE-2025-57215 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-09-03 | 7.5 High |
| Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info. | ||||
| CVE-2025-9605 | 1 Tenda | 4 Ac21, Ac21 Firmware, Ac23 and 1 more | 2025-09-03 | 9.8 Critical |
| A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-9297 | 1 Tenda | 2 I22, I22 Firmware | 2025-09-03 | 8.8 High |
| A vulnerability was detected in Tenda i22 1.0.0.3(4687). This impacts the function formWeixinAuthInfoGet of the file /goform/wxportalauth. Performing manipulation of the argument Type results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2025-4846 | 1 Freefloat | 2 Freefloat Ftp Server, Ftp Server | 2025-09-03 | 7.3 High |
| A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MPUT Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-55564 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-09-03 | 7.5 High |
| Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list parameter in the fromSetIpMacBind function. | ||||
| CVE-2025-55613 | 1 Tenda | 3 O3, O3 Firmware, O3v2 | 2025-09-03 | 9.8 Critical |
| Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter. | ||||
| CVE-2010-10016 | 1 Bsplayer | 1 Bs.player | 2025-09-02 | N/A |
| BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded in the playlist, allowing overwrite of Structured Exception Handler (SEH) records. The vulnerability is triggered upon opening a crafted playlist file and affects the Unicode parsing logic in the Windows client. | ||||