Export limit exceeded: 335023 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 335023 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335023 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32404 | 1 Rt-labs | 1 P-net | 2025-05-13 | 4.8 Medium |
| An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32403 | 1 Rt-labs | 1 P-net | 2025-05-13 | 4.8 Medium |
| An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32402 | 1 Rt-labs | 1 P-net | 2025-05-13 | 7.5 High |
| An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32401 | 1 Rt-labs | 1 P-net | 2025-05-13 | 4.8 Medium |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32400 | 1 Rt-labs | 1 P-net | 2025-05-13 | 7.5 High |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32399 | 1 Rt-labs | 1 P-net | 2025-05-13 | 5.3 Medium |
| An Unchecked Input for Loop Condition in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to cause IO devices that use the library to enter an infinite loop by sending a malicious RPC packet. | ||||
| CVE-2025-32398 | 1 Rt-labs | 1 P-net | 2025-05-13 | 7.5 High |
| A NULL Pointer Dereference in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32397 | 1 Rt-labs | 1 P-net | 2025-05-13 | 7.5 High |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32396 | 1 Rt-labs | 1 P-net | 2025-05-13 | 7.5 High |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-4368 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-05-13 | 8.8 High |
| A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the file /goform/MtuSetMacWan. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-45492 | 1 Netgear | 2 Ex8000, Ex8000 Firmware | 2025-05-13 | 6.5 Medium |
| Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function. | ||||
| CVE-2025-45491 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-05-13 | 9.8 Critical |
| Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter. | ||||
| CVE-2025-45490 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-05-13 | 6.5 Medium |
| Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter. | ||||
| CVE-2025-45489 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-05-13 | 6.5 Medium |
| Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter. | ||||
| CVE-2025-45488 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-05-13 | 6.5 Medium |
| Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter. | ||||
| CVE-2025-45487 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-05-13 | 6.5 Medium |
| Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function. | ||||
| CVE-2025-23379 | 1 Dell | 1 Storage Manager | 2025-05-13 | 3.5 Low |
| Dell Storage Center - Dell Storage Manager, version(s) 21.0.20, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection. | ||||
| CVE-2025-2657 | 1 Projectworlds | 1 Apartment Visitors Management System | 2025-05-13 | 7.3 High |
| A vulnerability classified as critical was found in projectworlds Apartment Visitors Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /front.php. The manipulation of the argument rid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-22479 | 1 Dell | 1 Storage Manager | 2025-05-13 | 3.5 Low |
| Dell Storage Center - Dell Storage Manager, version(s) 20.0.21, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection. | ||||
| CVE-2023-45892 | 1 Floorsightsoftware | 1 Insight | 2025-05-13 | 7.5 High |
| An issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information. | ||||