Total
3806 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38576 | 1 Linux | 1 Linux Kernel | 2025-04-01 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in print_cpu_stall_info() The rcuc-starvation output from print_cpu_stall_info() might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers sometimes get very confused about time, which can result in full-sized integers, and, in this case, buffer overflow. Also, the unsigned jiffies difference is printed using %ld, which is normally for signed integers. This is intentional for debugging purposes, but it is not obvious from the code. This commit therefore changes sprintf() to snprintf() and adds a clarifying comment about intention of %ld format. Found by Linux Verification Center (linuxtesting.org) with SVACE. | |||||
| CVE-2024-50667 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. The reason is that the check of ipv6 address is not sufficient, which allows attackers to construct payloads for attacks. | |||||
| CVE-2024-42813 | 1 Trendnet | 2 Tew-752dru, Tew-752dru Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. | |||||
| CVE-2025-27833 | 1 Artifex | 1 Ghostscript | 2025-04-01 | N/A | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdf_fmap.c. | |||||
| CVE-2025-27834 | 1 Artifex | 1 Ghostscript | 2025-04-01 | N/A | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdf_func.c. | |||||
| CVE-2025-26002 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost. | |||||
| CVE-2025-26004 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with setDdns. | |||||
| CVE-2025-26005 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability when requesting admin.cgi parameter with setNtp. | |||||
| CVE-2025-26006 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setAutorest. | |||||
| CVE-2025-26007 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in the login interface when requesting systemtil.cgi. | |||||
| CVE-2025-26008 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists when requesting admin.cgi parameter with setSyncTimeHost. | |||||
| CVE-2025-28361 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 7.5 HIGH |
| Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a remote attacker to obtain sensitive information via the systemutil.cgi component. | |||||
| CVE-2025-26011 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePassword. | |||||
| CVE-2024-28759 | 2025-03-28 | N/A | 4.3 MEDIUM | ||
| A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09. | |||||
| CVE-2023-24169 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-28 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_0007343c. | |||||
| CVE-2024-28564 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | N/A | 6.2 MEDIUM |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::CharPtrIO::readChars() function when reading images in EXR format. | |||||
| CVE-2024-28565 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the psdParser::ReadImageData() function when reading images in PSD format. | |||||
| CVE-2024-28569 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::Xdr::read() function when reading images in EXR format. | |||||
| CVE-2024-28570 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the processMakerNote() function when reading images in JPEG format. | |||||
| CVE-2024-28576 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_tcp_destroy() function when reading images in J2K format. | |||||