Total
13313 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-52356 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-12-10 | N/A | 7.5 HIGH |
| A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. | |||||
| CVE-2023-52355 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-12-10 | N/A | 7.5 HIGH |
| An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB. | |||||
| CVE-2025-14133 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-12-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function AP_get_wireless_clientlist_setClientsName of the file mod_form.so. Performing manipulation of the argument clientsname_0 results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-14135 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-12-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function AP_get_wired_clientlist_setClientsName of the file mod_form.so. The manipulation of the argument clientsname_0 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-14136 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-12-10 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function RE2000v2Repeater_get_wired_clientlist_setClientsName of the file mod_form.so. The manipulation of the argument clientsname_0 results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-12196 | 1 Watchguard | 34 Firebox M270, Firebox M290, Firebox M370 and 31 more | 2025-12-10 | N/A | 7.2 HIGH |
| An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2. | |||||
| CVE-2025-12195 | 1 Watchguard | 34 Firebox M270, Firebox M290, Firebox M370 and 31 more | 2025-12-10 | N/A | 7.2 HIGH |
| An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via specially crafted IPSec configuration CLI commands.This vulnerability affects Fireware OS 11.0 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2. | |||||
| CVE-2025-12026 | 1 Watchguard | 34 Firebox M270, Firebox M290, Firebox M370 and 31 more | 2025-12-10 | N/A | 7.2 HIGH |
| An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2. | |||||
| CVE-2025-42877 | 2025-12-09 | N/A | 7.5 HIGH | ||
| SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application. | |||||
| CVE-2025-48638 | 1 Google | 1 Android | 2025-12-08 | N/A | 7.8 HIGH |
| In __pkvm_load_tracing of trace.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48624 | 1 Google | 1 Android | 2025-12-08 | N/A | 7.8 HIGH |
| In multiple functions of arm-smmu-v3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48623 | 1 Google | 1 Android | 2025-12-08 | N/A | 7.8 HIGH |
| In init_pkvm_hyp_vcpu of pkvm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-64331 | 1 Oisf | 1 Suricata | 2025-12-08 | N/A | 7.5 HIGH |
| Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow can occur on large HTTP file transfers if the user has increased the HTTP response body limit and enabled the logging of printable http bodies. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves using default HTTP response body limits and/or disabling http-body-printable logging; body logging is disabled by default. | |||||
| CVE-2025-8854 | 1 Bulletphysics | 1 Pybullet | 2025-12-08 | N/A | 9.8 CRITICAL |
| Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OFF file with an overlong initial token processed by the VHACD test utility or invoked indirectly through PyBullet's vhacd function. | |||||
| CVE-2025-62507 | 1 Redis | 1 Redis | 2025-12-08 | N/A | 8.8 HIGH |
| Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To workaround this issue without patching the redis-server executable is to prevent users from executing XACKDEL operation. This can be done using ACL to restrict XACKDEL command. | |||||
| CVE-2025-9809 | 1 Libretro | 1 Libretro-common | 2025-12-08 | N/A | 9.8 CRITICAL |
| Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATH_MAX_LENGTH that is copied using memcpy into a fixed-size buffer. | |||||
| CVE-2025-64657 | 1 Microsoft | 1 Azure Application Gateway | 2025-12-08 | N/A | 9.8 CRITICAL |
| Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network. | |||||
| CVE-2023-39784 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 7.5 HIGH |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function. | |||||
| CVE-2023-40900 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. | |||||
| CVE-2023-39786 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 7.5 HIGH |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function. | |||||