Total
2241 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24332 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-25 | 8.1 High |
| A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet. | ||||
| CVE-2023-24334 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-03-25 | 8.0 High |
| A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter. | ||||
| CVE-2025-30472 | 2025-03-25 | 9 Critical | ||
| Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. | ||||
| CVE-2022-42444 | 3 Ibm, Linux, Microsoft | 4 Aix, App Connect Enterprise, Linux Kernel and 1 more | 2025-03-25 | 4.9 Medium |
| IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow a buffer and cause the application to crash. IBM X-Force ID: 238538. | ||||
| CVE-2022-43764 | 1 Br-automation | 1 Industrial Automation Aprol | 2025-03-25 | 9.8 Critical |
| Insufficient validation of input parameters when changing configuration on Tbase server in B&R APROL versions < R 4.2-07 could result in buffer overflow. This may lead to Denial-of-Service conditions or execution of arbitrary code. | ||||
| CVE-2024-47939 | 2025-03-25 | N/A | ||
| Stack-based buffer overflow vulnerability exists in multiple Ricoh laser printers and MFPs which implement Web Image Monitor. If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. As for the details of affected product names and versions, refer to the information provided by the vendor under [References]. | ||||
| CVE-2023-24348 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. | ||||
| CVE-2023-24347 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus. | ||||
| CVE-2023-24346 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3. | ||||
| CVE-2023-24345 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus. | ||||
| CVE-2023-24344 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup. | ||||
| CVE-2023-24343 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule. | ||||
| CVE-2024-13903 | 1 Quickjs-ng | 1 Quickjs | 2025-03-24 | 4.3 Medium |
| A vulnerability was found in quickjs-ng QuickJS up to 0.8.0. It has been declared as problematic. Affected by this vulnerability is the function JS_GetRuntime of the file quickjs.c of the component qjs. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. Upgrading to version 0.9.0 is able to address this issue. The patch is named 99c02eb45170775a9a679c32b45dd4000ea67aff. It is recommended to upgrade the affected component. | ||||
| CVE-2025-24075 | 2025-03-23 | 7.8 High | ||
| Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-0349 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-22 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2025-29121 | 2025-03-21 | 7.5 High | ||
| A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow. | ||||
| CVE-2024-57440 | 2025-03-21 | 7.5 High | ||
| D-Link DSL-3788 revA1 1.01R1B036_EU_EN is vulnerable to Buffer Overflow via the COMM_MAKECustomMsg function of the webproc cgi | ||||
| CVE-2025-24928 | 1 Redhat | 7 Enterprise Linux, Openshift Distributed Tracing, Rhel Aus and 4 more | 2025-03-21 | 7.8 High |
| libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047. | ||||
| CVE-2025-29118 | 2025-03-21 | 6.5 Medium | ||
| Tenda AC8 V16.03.34.06 was discovered to contain a stack overflow via the src parameter in the function sub_47D878. | ||||
| CVE-2025-26336 | 2025-03-21 | 8.3 High | ||
| Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. | ||||