Total
2763 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-24882 | 2026-01-29 | N/A | 8.4 HIGH | ||
| In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys. | |||||
| CVE-2025-26386 | 2026-01-29 | N/A | N/A | ||
| Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior. Successful exploitation of this vulnerability could result in failure within the operating system of the machine hosting the ICU tool. | |||||
| CVE-2020-37001 | 2026-01-29 | N/A | 8.4 HIGH | ||
| Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attackers to execute arbitrary code by overflowing the 'Archive To' input field. Attackers can craft a malicious payload that overwrites the Structured Exception Handler (SEH) and uses an egghunter technique to execute a reverse shell payload. | |||||
| CVE-2020-36971 | 2026-01-29 | N/A | 8.4 HIGH | ||
| Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system. | |||||
| CVE-2020-36961 | 2026-01-29 | N/A | 9.8 CRITICAL | ||
| 10-Strike Network Inventory Explorer 8.65 contains a buffer overflow vulnerability in exception handling that allows remote attackers to execute arbitrary code. Attackers can craft a malicious file with 209 bytes of padding and a specially constructed Structured Exception Handler to trigger code execution. | |||||
| CVE-2020-36997 | 2026-01-29 | N/A | 9.8 CRITICAL | ||
| BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler (SEH) chain through malicious file import. Attackers can craft a specially designed payload file to overwrite SEH addresses, potentially executing arbitrary code and gaining control of the application. | |||||
| CVE-2020-37000 | 2026-01-29 | N/A | 9.8 CRITICAL | ||
| Free MP3 CD Ripper 2.8 contains a stack buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting a malicious WAV file with oversized payload. Attackers can leverage a specially crafted exploit file with shellcode, SEH bypass, and egghunter technique to achieve remote code execution on vulnerable Windows systems. | |||||
| CVE-2025-65805 | 1 Openairinterface | 1 Oai-cn5g-amf | 2026-01-29 | N/A | 7.5 HIGH |
| OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending an imsi string longer than 1000 to AMF. | |||||
| CVE-2026-1361 | 2026-01-27 | N/A | 7.8 HIGH | ||
| ASDA-Soft Stack-based Buffer Overflow Vulnerability | |||||
| CVE-2025-9820 | 2026-01-27 | N/A | 4.0 MEDIUM | ||
| A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks. | |||||
| CVE-2025-70651 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-01-26 | N/A | 7.5 HIGH |
| Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-70648 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-01-26 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_727F4 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-70646 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-01-26 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_72290 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-71020 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-26 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_4C408 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-70746 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-26 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-70645 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-26 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetWifiMacFilterCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-70650 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-26 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetMacFilterCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-70644 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-26 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the time parameter of the sub_60CFC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-69764 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-01-26 | N/A | 9.8 CRITICAL |
| Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution. | |||||
| CVE-2025-69766 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-01-26 | N/A | 9.8 CRITICAL |
| Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution. | |||||