Export limit exceeded: 15147 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15147 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-1853 | 1 Tenda | 1 Ac8 | 2025-07-12 | 8.8 High |
| A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub_49E098 of the file /goform/SetIpMacBind of the component Parameter Handler. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-1896 | 1 Tenda | 1 Tx3 | 2025-07-12 | 6.5 Medium |
| A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-1898 | 1 Tenda | 1 Tx3 | 2025-07-12 | 6.5 Medium |
| A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5865 | 1 Rt-thread | 1 Rt-thread | 2025-07-11 | 8 High |
| A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor explains, that "[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory." | ||||
| CVE-2025-5866 | 1 Rt-thread | 1 Rt-thread | 2025-07-11 | 8 High |
| A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index. | ||||
| CVE-2025-5868 | 1 Rt-thread | 1 Rt-thread | 2025-07-11 | 8 High |
| A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index. | ||||
| CVE-2025-5869 | 1 Rt-thread | 1 Rt-thread | 2025-07-11 | 8 High |
| A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sys_recvfrom of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument from leads to memory corruption. | ||||
| CVE-2024-46728 | 1 Linux | 1 Linux Kernel | 2025-07-11 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index for aux_rd_interval before using aux_rd_interval has size of 7 and should be checked. This fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues reported by Coverity. | ||||
| CVE-2025-6334 | 2 D-link, Dlink | 3 Dir-867, Dir-867, Dir-867 Firmware | 2025-07-11 | 8.8 High |
| A vulnerability has been found in D-Link DIR-867 1.0 and classified as critical. This vulnerability affects the function strncpy of the component Query String Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-6328 | 2 D-link, Dlink | 3 Dir-815, Dir-815, Dir-815 Firmware | 2025-07-11 | 8.8 High |
| A vulnerability was found in D-Link DIR-815 1.01. It has been declared as critical. This vulnerability affects the function sub_403794 of the file hedwig.cgi. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6693 | 1 Rt-thread | 1 Rt-thread | 2025-07-11 | 7.8 High |
| A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sys_device_open/sys_device_read/sys_device_control/sys_device_init/sys_device_close/sys_device_write of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-48902 | 1 Huawei | 2 Emui, Harmonyos | 2025-07-11 | 6.6 Medium |
| Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-39929 | 1 Exim | 1 Exim | 2025-07-10 | 5.4 Medium |
| Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users. | ||||
| CVE-2024-38218 | 1 Microsoft | 1 Edge Chromium | 2025-07-10 | 8.4 High |
| Microsoft Edge (HTML-based) Memory Corruption Vulnerability | ||||
| CVE-2024-38177 | 1 Microsoft | 1 App Installer | 2025-07-10 | 7.8 High |
| Windows App Installer Spoofing Vulnerability | ||||
| CVE-2018-6381 | 2 Canonical, Gdraheim | 2 Ubuntu Linux, Zziplib | 2025-07-10 | N/A |
| In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data. | ||||
| CVE-2017-5974 | 2 Debian, Gdraheim | 2 Debian Linux, Zziplib | 2025-07-10 | 5.5 Medium |
| Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file. | ||||
| CVE-2018-7725 | 3 Canonical, Gdraheim, Redhat | 6 Ubuntu Linux, Zziplib, Enterprise Linux and 3 more | 2025-07-10 | N/A |
| An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service. | ||||
| CVE-2018-7726 | 3 Canonical, Gdraheim, Redhat | 6 Ubuntu Linux, Zziplib, Enterprise Linux and 3 more | 2025-07-10 | N/A |
| An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. | ||||
| CVE-2020-18770 | 2 Gdraheim, Redhat | 2 Zziplib, Enterprise Linux | 2025-07-10 | 5.5 Medium |
| An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. | ||||