Export limit exceeded: 20907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-12241 | 1 Totolink | 2 A3300r, A3300r Firmware | 2025-10-28 | 8.8 High |
| A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. | ||||
| CVE-2025-60563 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-27 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetPortTr. | ||||
| CVE-2025-60729 | 1 Perfree | 1 Perfreeblog | 2025-10-27 | 5.3 Medium |
| PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function | ||||
| CVE-2025-11576 | 2 Newcodebyte, Wordpress | 2 Ai Chatbot Free Models, Wordpress | 2025-10-27 | 4.3 Medium |
| The AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.6.5. This is due to insufficient sanitization in the 'newcodebyte_chatbot_export_messages' function. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration. | ||||
| CVE-2025-12249 | 1 Axosoft | 1 Scrum And Bug Tracking | 2025-10-27 | 6.3 Medium |
| A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-12240 | 1 Totolink | 2 A3300r, A3300r Firmware | 2025-10-27 | 8.8 High |
| A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-12239 | 1 Totolink | 2 A3300r, A3300r Firmware | 2025-10-27 | 8.8 High |
| A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557_B20221024. The impacted element is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Executing manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-55081 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-27 | 9.1 Critical |
| In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside of the expected range, it could cause an out-of-bound read. | ||||
| CVE-2025-61863 | 1 Fujielectric | 2 Monitouch V-sft, V-sft | 2025-10-27 | 7.8 High |
| An out-of-bounds read vulnerability exists in VS6ComFile!CSaveData::delete_mem of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | ||||
| CVE-2025-61862 | 1 Fujielectric | 2 Monitouch V-sft, V-sft | 2025-10-27 | 7.8 High |
| An out-of-bounds read vulnerability exists in VS6ComFile!get_ovlp_element_size of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | ||||
| CVE-2025-61861 | 1 Fujielectric | 2 Monitouch V-sft, V-sft | 2025-10-27 | 7.8 High |
| An out-of-bounds read vulnerability exists in VS6ComFile!load_link_inf of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | ||||
| CVE-2025-61860 | 1 Fujielectric | 2 Monitouch V-sft, V-sft | 2025-10-27 | 7.8 High |
| An out-of-bounds read vulnerability exists in VS6MemInIF!set_temp_type_default of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | ||||
| CVE-2025-61856 | 1 Fujielectric | 2 Monitouch V-sft, V-sft | 2025-10-27 | 7.8 High |
| A stack-based buffer overflow vulnerability exists in VS6ComFile!CV7BaseMap::WriteV7DataToRom of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | ||||
| CVE-2023-23376 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2025-10-27 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-33010 | 1 Zyxel | 46 Atp100, Atp100 Firmware, Atp100w and 43 more | 2025-10-27 | 9.8 Critical |
| A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. | ||||
| CVE-2025-60339 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-27 | 7.5 High |
| Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedStartTime and schedEndTime parameters. | ||||
| CVE-2025-60337 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-27 | 7.5 High |
| Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2025-55083 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-27 | 5.3 Medium |
| In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read. | ||||
| CVE-2025-55085 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-27 | 7.5 High |
| In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior. | ||||
| CVE-2022-29223 | 1 Eclipse | 1 Threadx Usbx | 2025-10-27 | 7.5 High |
| Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with `bNbPorts` set to a value greater than `UX_MAX_TT` which defaults to 8. For a `bNbPorts` value of 255, the implementation of `ux_host_class_hub_descriptor_get` function will modify the contents of `hub` -> `ux_host_class_hub_device` -> `ux_device_hub_tt` array violating the end boundary by 255 - `UX_MAX_TT` items. The USB host stack needs to validate the number of ports reported by the hub, and if the value is larger than UX_MAX_TT, USB stack needs to reject the request. This fix has been included in USBX release 6.1.10. | ||||