CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 3/4 • 470 CVEs.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2025-07-11
High

CVE-2025-7434

A vulnerability was found in Tenda FH451 up to 1.0.0.9 and classified as critical. Affected by this issue is the function fromAddressNat of the file /goform/addressNat of the component POST Request H…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7423

A vulnerability classified as critical was found in Tenda O3V2 1.0.0.12(3880). Affected by this vulnerability is the function formWifiMacFilterSet of the file /goform/setWrlFilterList of the componen…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7422

A vulnerability classified as critical has been found in Tenda O3V2 1.0.0.12(3880). Affected is the function setAutoReboot of the file /goform/setNetworkService of the component httpd. The manipulati…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7421

A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been rated as critical. This issue affects the function fromMacFilterModify of the file /goform/operateMacFilter of the component httpd.…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7420

A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been declared as critical. This vulnerability affects the function formWifiBasicSet of the file /goform/setWrlBasicInfo of the component…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-10
High

CVE-2025-7419

A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been classified as critical. This affects the function fromSpeedTestSet of the file /goform/setRateTest of the component httpd. The mani…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7418

A vulnerability was found in Tenda O3V2 1.0.0.12(3880) and classified as critical. Affected by this issue is the function fromPingResultGet of the file /goform/setPing of the component httpd. The man…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7417

A vulnerability has been found in Tenda O3V2 1.0.0.12(3880) and classified as critical. Affected by this vulnerability is the function fromNetToolGet of the file /goform/setPingInfo of the component…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7416

A vulnerability, which was classified as critical, was found in Tenda O3V2 1.0.0.12(3880). Affected is the function fromSysToolTime of the file /goform/setSysTimeInfo of the component httpd. The mani…

CVSS: 8.8 CWE: CWE-119
Read more
Critical

CVE-2025-34096

A stack-based buffer overflow vulnerability exists in Easy File Sharing HTTP Server version 7.2. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an…

CVSS: 9.3 CWE: CWE-119
Read more
Medium

CVE-2025-49464

Classic buffer overflow in certain Zoom Clients for Windows may allow an authorised user to conduct a denial of service via network access.

CVSS: 6.5 CWE: CWE-120
Read more
Medium

CVE-2025-46789

Classic buffer overflow in certain Zoom Clients for Windows may allow an authorized user to conduct a denial of service via network access.

CVSS: 6.5 CWE: CWE-120
Read more
2025-07-09
Critical

CVE-2025-7206

A vulnerability, which was classified as critical, has been found in D-Link DIR-825 2.10. This issue affects the function sub_410DDC of the file switch_language.cgi of the component httpd. The manipu…

CVSS: 9.8 CWE: CWE-119
Read more
2025-07-08
High

CVE-2025-7194

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ip_position.asp of the component jhttpd.…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-49753

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-49744

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

CVSS: 7.0 CWE: CWE-122
Read more
High

CVE-2025-49732

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

CVSS: 7.8 CWE: CWE-122
Read more
High

CVE-2025-49729

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-49727

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVSS: 7.0 CWE: CWE-122
Read more
High

CVE-2025-49721

Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.

CVSS: 7.8 CWE: CWE-122
Read more
High

CVE-2025-49717

Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.

CVSS: 8.5 CWE: CWE-122
Read more
High

CVE-2025-49705

Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVSS: 7.8 CWE: CWE-122
Read more
High

CVE-2025-49697

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 8.4 CWE: CWE-122
Read more
High

CVE-2025-49691

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.

CVSS: 8.0 CWE: CWE-122
Read more
High

CVE-2025-49676

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-49674

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-49673

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-49672

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
Medium

CVE-2025-49670

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 6.5 CWE: CWE-122
Read more
High

CVE-2025-49669

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-49668

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-49666

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.

CVSS: 7.2 CWE: CWE-122
Read more
High

CVE-2025-49663

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-49657

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-48824

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-48805

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

CVSS: 7.8 CWE: CWE-122
Read more
High

CVE-2025-47998

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-47987

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.

CVSS: 7.8 CWE: CWE-122
Read more
Critical

CVE-2025-47981

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.

CVSS: 9.8 CWE: CWE-122
Read more
Medium

CVE-2025-5451

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a d…

CVSS: 4.9 CWE: CWE-121
Read more
High

CVE-2025-7345

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images,…

CVSS: 7.5 CWE: CWE-120
Read more
2025-07-07
High

CVE-2025-6663

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStream…

CVSS: 7.8 CWE: CWE-121
Read more
2025-06-30
High

CVE-2025-6882

A vulnerability classified as critical has been found in D-Link DIR-513 1.0. This affects an unknown part of the file /goform/formSetWanPPTP. The manipulation of the argument curTime leads to buffer…

CVSS: 8.8 CWE: CWE-119
Read more
2025-06-26
Critical

CVE-2015-0843

yubiserver before 0.6 is prone to buffer overflows due to misuse of sprintf.

CVSS: 9.8 CWE: CWE-120
Read more
Medium

CVE-2013-1424

Buffer overflow vulnerability in matplotlib.This issue affects matplotlib: before upstream commit ba4016014cb4fb4927e36ce8ea429fed47dcb787.

CVSS: 5.6 CWE: CWE-120
Read more
2025-06-25
High

CVE-2025-6627

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-6617

A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argumen…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-6616

A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWAN_Wizard51 of the file /goform/formSetWAN_Wizard51. The manipula…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-6615

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWAN_wizard4 of the file /goform/formAutoDetecWAN_wizard4. The manipulat…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-6614

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetWANType_Wizard5 of the file /goform/formSetWANType_Wizard5.…

CVSS: 8.8 CWE: CWE-119
Read more
2025-06-23
High

CVE-2025-6511

A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.46_1.0.76. This affects the function sub_410090. The manipulation leads to stack-based buffer overflow. It is possible to…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-6510

A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated as critical. Affected by this issue is the function sub_415EF8. The manipulation leads to stack-based buffer overflow.…

CVSS: 8.8 CWE: CWE-119
Read more
2025-06-20
High

CVE-2025-6337

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the…

CVSS: 8.8 CWE: CWE-119
Read more
2025-06-18
Critical

CVE-2025-20260

A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arb…

CVSS: 9.8 CWE: CWE-122
Read more
2025-06-17
High

CVE-2025-6158

A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buff…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-6151

A vulnerability has been found in TP-Link TL-WR940N V4 and TL-WR841N V11. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm, which may lead to buffer over…

CVSS: 8.2 CWE: CWE-119
Read more
2025-06-16
High

CVE-2025-6112

A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the arg…

CVSS: 8.8 CWE: CWE-119
Read more
2025-06-12
High

CVE-2025-6021

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a de…

CVSS: 7.5 CWE: CWE-121
Read more
2025-06-10
High

CVE-2025-47107

InCopy versions 20.2, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t…

CVSS: 7.8 CWE: CWE-122
Read more
High

CVE-2025-5969

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN_00425fd8 of the file /biurl_grou of the component HTTP POST Re…

CVSS: 8.8 CWE: CWE-119
Read more
2025-06-06
High

CVE-2025-5750

WOLFBOX Level 2 EV Charger tuya_svc_devos_activate_result_parse Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitra…

CVSS: 8.8 CWE: CWE-122
Read more
2025-06-02
High

CVE-2025-1051

Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authen…

CVSS: 8.8 CWE: CWE-122
Read more
2025-05-27
High

CVE-2025-5222

A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to…

CVSS: 7.0 CWE: CWE-120
Read more
High

CVE-2025-48797

A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memo…

CVSS: 7.3 CWE: CWE-122
Read more
High

CVE-2025-5228

A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulatio…

CVSS: 8.8 CWE: CWE-119
Read more
2025-05-22
High

CVE-2025-46713

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 0.0.1 and prior to 1.15.12, API_SET_SECURE_PARAM may have an arithmetic o…

CVSS: 7.8 CWE: CWE-120
Read more
High

CVE-2025-3887

GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStream…

CVSS: 8.8 CWE: CWE-121
Read more
2025-05-14
Critical

CVE-2025-47436

Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompre…

CVSS: 9.8 CWE: CWE-122
Read more
2025-05-10
High

CVE-2025-4496

A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMun…

CVSS: 8.8 CWE: CWE-119
Read more
2025-05-09
Critical

CVE-2025-4447

In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.

CVSS: 9.8 CWE: CWE-121
Read more
2025-05-08
High

CVE-2025-1253

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Stack-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This…

CVSS: 7.8 CWE: CWE-120
Read more
High

CVE-2025-1252

Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 b…

CVSS: 7.1 CWE: CWE-122
Read more
2025-05-07
Medium

CVE-2025-31177

gnuplot is affected by a heap buffer overflow at function utf8_copy_one.

CVSS: 6.2 CWE: CWE-122
Read more
2025-04-30
High

CVE-2024-6031

Tesla Model S oFono AT Command Heap-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected Tesla Model S vehicles. An atta…

CVSS: 7.8 CWE: CWE-122
Read more
2025-04-28
High

CVE-2025-4007

A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the com…

CVSS: 8.8 CWE: CWE-119
Read more
2025-04-23
High

CVE-2025-1045

Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations o…

CVSS: 7.8 CWE: CWE-122
Read more
2025-04-19
High

CVE-2025-3820

A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipula…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-3803

A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipula…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-3802

A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulati…

CVSS: 8.8 CWE: CWE-119
Read more
2025-04-18
High

CVE-2025-3785

A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formStaticDHCP of the component Authorization Interfac…

CVSS: 8.8 CWE: CWE-119
Read more
2025-04-16
High

CVE-2025-3619

Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity…

CVSS: 8.8 CWE: CWE-122
Read more
High

CVE-2025-3693

A vulnerability was found in Tenda W12 3.0.0.5. It has been rated as critical. Affected by this issue is the function cgiWifiRadioSet of the file /bin/httpd. The manipulation leads to stack-based buf…

CVSS: 8.8 CWE: CWE-119
Read more
2025-04-14
Critical

CVE-2025-3277

An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer…

CVSS: 9.8 CWE: CWE-122
Read more
Medium

CVE-2025-3549

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/Ass…

CVSS: 5.3 CWE: CWE-119
Read more
Medium

CVE-2025-3548

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h…

CVSS: 5.3 CWE: CWE-119
Read more
2025-04-13
High

CVE-2025-3538

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the…

CVSS: 8.8 CWE: CWE-119
Read more
2025-04-08
High

CVE-2025-3289

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploite…

CVSS: 7.8 CWE: CWE-787
Read more
High

CVE-2025-3287

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploite…

CVSS: 7.8 CWE: CWE-125
Read more
2025-04-07
Medium

CVE-2025-29480

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invali…

CVSS: 5.5 CWE: CWE-120
Read more
2025-04-04
Medium

CVE-2025-3196

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/M…

CVSS: 5.3 CWE: CWE-119
Read more
2025-04-03
Medium

CVE-2025-3159

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASE::Parser::ParseLV4MeshBonesVertices of the file code/Asset…

CVSS: 5.3 CWE: CWE-119
Read more
Medium

CVE-2025-3158

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of…

CVSS: 5.3 CWE: CWE-119
Read more
2025-03-31
Medium

CVE-2023-33302

A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administ…

CVSS: 4.7 CWE: CWE-120
Read more
2025-03-28
Low

CVE-2025-2924

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free…

CVSS: 3.3 CWE: CWE-119
Read more
Low

CVE-2025-2923

A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5F_addr_encode_len of the file src/H5Fint.c. The manipulation of the…

CVSS: 3.3 CWE: CWE-119
Read more
Low

CVE-2025-2915

A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the file src/H5Faccum.c. The manipulation of the argument overlap_…

CVSS: 3.3 CWE: CWE-119
Read more
Low

CVE-2025-2914

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect…

CVSS: 3.3 CWE: CWE-119
Read more
Low

CVE-2025-2912

A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5O_msg_flush of the file src/H5Omessage.c. The manipulation of the…

CVSS: 3.3 CWE: CWE-119
Read more
2025-03-26
High

CVE-2025-2837

Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected…

CVSS: 8.8 CWE: CWE-121
Read more
2025-03-25
High

CVE-2025-2531

Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxio…

CVSS: 7.8 CWE: CWE-122
Read more
Medium

CVE-2025-2757

A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function AI_MD5_PARSE_STRING_IN_QUOTATION of the file code/AssetLib/MD5/MD5P…

CVSS: 6.3 CWE: CWE-119
Read more
Medium

CVE-2025-2756

A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLo…

CVSS: 6.3 CWE: CWE-119
Read more
Medium

CVE-2025-2754

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as critical. Affected by this vulnerability is the function Assimp::AC3DImporter::ConvertObjectSection of the…

CVSS: 6.3 CWE: CWE-119
Read more
2025-03-24
Medium

CVE-2021-26105

A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and below may allow an authenticated attacker to potentially execute…

CVSS: 6.8 CWE: CWE-358
Read more
2025-03-21
Medium

CVE-2025-2592

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/…

CVSS: 6.3 CWE: CWE-119
Read more
2025-03-19
Medium

CVE-2025-1758

Improper Input Validation vulnerability in Progress LoadMaster allows : Buffer OverflowThis issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Multi-Tenancy: 7.1.35.4 and above

CVSS: 4.3 CWE: CWE-121
Read more
2025-03-16
Medium

CVE-2025-2338

A vulnerability, which was classified as critical, was found in tbeu matio 1.5.28. Affected is the function strdup_vprintf of the file src/io.c. The manipulation leads to heap-based buffer overflow.…

CVSS: 6.3 CWE: CWE-119
Read more
Medium

CVE-2025-2337

A vulnerability, which was classified as critical, has been found in tbeu matio 1.5.28. This issue affects the function Mat_VarPrint of the file src/mat.c. The manipulation leads to heap-based buffer…

CVSS: 6.3 CWE: CWE-119
Read more
2025-03-13
High

CVE-2025-29360

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial o…

CVSS: 7.5 CWE: CWE-120
Read more
High

CVE-2025-29359

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the deviceId parameter at /goform/saveParentControlInfo. This vulnerability allows attackers to cause a Denial of…

CVSS: 7.5 CWE: CWE-120
Read more
High

CVE-2025-29358

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the firewallEn parameter at /goform/SetFirewallCfg. This vulnerability allows attackers to cause a Denial of Servi…

CVSS: 7.5 CWE: CWE-120
Read more
High

CVE-2025-29357

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the startIp and endIp parameters at /goform/SetPptpServerCfg. This vulnerability allows attackers to cause a Denia…

CVSS: 7.5 CWE: CWE-404
Read more
2025-03-12
Critical

CVE-2025-25567

SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in Internat.c via the UniToStrForSingleChars function. NOTE: the Supplier disputes this because the behavior only enables a local user to atta…

CVSS: 9.8 CWE: CWE-120
Read more
Critical

CVE-2025-25565

SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the Command.c file via the PtMakeCert and PtMakeCert2048 functions. NOTE: the Supplier disputes this because the behavior only allows a use…

CVSS: 9.8 CWE: CWE-120
Read more
2025-03-11
High

CVE-2025-2019

Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of…

CVSS: 7.8 CWE: CWE-122
Read more
High

CVE-2025-2017

Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vell…

CVSS: 7.8 CWE: CWE-120
Read more
Medium

CVE-2024-46663

A stack-buffer overflow vulnerability [CWE-121] in Fortinet FortiMail CLI version 7.6.0 through 7.6.1 and before 7.4.3 allows a privileged attacker to execute arbitrary code or commands via specifica…

CVSS: 6.7 CWE: CWE-121
Read more
2025-03-03
Medium

CVE-2025-0689

When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk se…

CVSS: 6.7 CWE: CWE-120
Read more
2025-02-21
Critical

CVE-2025-0838

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size arg…

CVSS: 9.8 CWE: CWE-190
Read more
2025-02-11
Medium

CVE-2025-25527

Buffer overflow vulnerability in Ruijie RG-NBR2600S Gateway 10.3(4b12) due to the lack of length verification, which is related to the configuration of source address NAT rules. Attackers who success…

CVSS: 5.1 CWE: CWE-120
Read more