Export limit exceeded: 21730 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21730 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-35571 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2025-03-17 | 9.8 Critical |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. | ||||
| CVE-2025-25674 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-03-17 | 9.8 Critical |
| Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via the parameter ssid. | ||||
| CVE-2024-32317 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-03-17 | 7.5 High |
| Tenda AC10 v4.0 V16.03.10.13 and V16.03.10.20 firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. | ||||
| CVE-2024-32306 | 1 Tenda | 2 Ac10u, Ac10u Firmware | 2025-03-17 | 5.7 Medium |
| Tenda AC10U v1.0 Firmware v15.03.06.49 has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. | ||||
| CVE-2024-30612 | 2 Tenda, Tendacn | 3 Ac10u, Ac10u Firmware, Ac10u Firmware | 2025-03-17 | 8.1 High |
| Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedUp parameter from formSetClientState function. | ||||
| CVE-2024-25373 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-03-17 | 4.6 Medium |
| Tenda AC10V4.0 V16.03.10.20 was discovered to contain a stack overflow via the page parameter in the sub_49B384 function. | ||||
| CVE-2024-57956 | 1 Huawei | 1 Harmonyos | 2025-03-17 | 2.8 Low |
| Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-57958 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-17 | 5.7 Medium |
| Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | ||||
| CVE-2024-46571 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | 7.5 High |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPPPSrvNm parameter at fwuser.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2024-46568 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-17 | 7.5 High |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPeerId parameter at vpn.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2024-29508 | 1 Artifex | 1 Ghostscript | 2025-03-17 | 3.3 Low |
| Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc. | ||||
| CVE-2024-24416 | 1 Linuxfoundation | 1 Magma | 2025-03-15 | 7.5 High |
| The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. | ||||
| CVE-2023-42943 | 1 Apple | 1 Macos | 2025-03-15 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14. An app may be able to read sensitive location information. | ||||
| CVE-2023-26253 | 1 Gluster | 1 Glusterfs | 2025-03-14 | 7.5 High |
| In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read. | ||||
| CVE-2020-16297 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2025-03-14 | 5.5 Medium |
| A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
| CVE-2024-32230 | 1 Ffmpeg | 1 Ffmpeg | 2025-03-14 | 7.8 High |
| FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0 | ||||
| CVE-2024-30628 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-03-14 | 9.8 Critical |
| Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the page parameter from fromAddressNat function. | ||||
| CVE-2024-24417 | 1 Linuxfoundation | 1 Magma | 2025-03-14 | 7.5 High |
| The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. | ||||
| CVE-2024-47804 | 2 Jenkins, Redhat | 2 Jenkins, Ocp Tools | 2025-03-14 | 4.3 Medium |
| If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction. | ||||
| CVE-2024-46584 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-03-14 | 7.5 High |
| Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the AControlIp1 parameter at acontrol.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||