Export limit exceeded: 348912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43731 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67810 | 1 Area9lyceum | 1 Rhapsode | 2026-02-10 | 6.5 Medium |
| In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 (#7254) and further versions. | ||||
| CVE-2025-14026 | 1 Forcepoint | 2 One Data Loss Prevention, One Endpoint | 2026-02-10 | 7.8 High |
| Forcepoint One DLP Client, version 23.04.5642 (and possibly newer versions), includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code execution. It was demonstrated that these restrictions could be bypassed. | ||||
| CVE-2025-21449 | 1 Qualcomm | 371 315 5g Iot, 315 5g Iot Firmware, Apq8017 and 368 more | 2026-02-10 | 7.5 High |
| Transient DOS may occur while processing malformed length field in SSID IEs. | ||||
| CVE-2025-11653 | 1 Utt | 3 2620g, 2620g Firmware, Hiper 2620g | 2026-02-10 | 8.8 High |
| A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of the file /goform/fNTP. This manipulation of the argument NTPServerIP causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15312 | 1 Tanium | 1 Tanos | 2026-02-10 | 6.6 Medium |
| Tanium addressed an improper output sanitization vulnerability in Tanium Appliance. | ||||
| CVE-2025-15311 | 1 Tanium | 1 Tanos | 2026-02-10 | 7.8 High |
| Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance. | ||||
| CVE-2025-58744 | 2 Microsoft, Milner | 2 Windows, Imagedirector Capture | 2026-02-10 | 7.5 High |
| Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key. This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808. | ||||
| CVE-2025-69970 | 1 Frangoteam | 1 Fuxa | 2026-02-10 | 9.3 Critical |
| FUXA v1.2.7 contains an insecure default configuration vulnerability in server/settings.default.js. The 'secureEnabled' flag is commented out by default, causing the application to initialize with authentication disabled. This allows unauthenticated remote attackers to access sensitive API endpoints, modify projects, and control industrial equipment immediately after installation. | ||||
| CVE-2025-67186 | 1 Totolink | 2 A950rg, A950rg Firmware | 2026-02-10 | 9.8 Critical |
| TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cste_modules/firewall.so. The vulnerability occurs because the `url` parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially leading to arbitrary code execution or denial of service. | ||||
| CVE-2025-67188 | 1 Totolink | 2 A950rg, A950rg Firmware | 2026-02-10 | 9.8 Critical |
| A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The issue resides in the setRadvdCfg interface of the /lib/cste_modules/ipv6.so module. The function fails to properly validate the length of the user-controlled radvdinterfacename parameter, allowing remote attackers to trigger a stack buffer overflow. | ||||
| CVE-2025-67189 | 1 Totolink | 2 A950rg, A950rg Firmware | 2026-02-10 | 6.5 Medium |
| A buffer overflow vulnerability exists in the setParentalRules interface of TOTOLINK A950RG V4.1.2cu.5204_B20210112. The urlKeyword parameter is not properly validated, and the function concatenates multiple user-controlled fields into a fixed-size stack buffer without performing boundary checks. A remote attacker can exploit this flaw to cause denial of service or potentially achieve arbitrary code execution. | ||||
| CVE-2025-10953 | 1 Utt | 4 1200gw, 1200gw Firmware, 1250gw and 1 more | 2026-02-10 | 8.8 High |
| A security vulnerability has been detected in UTT 1200GW and 1250GW up to 3.0.0-170831/3.2.2-200710. This vulnerability affects unknown code of the file /goform/formApMail. The manipulation of the argument senderEmail leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-67187 | 1 Totolink | 2 A950rg, A950rg Firmware | 2026-02-10 | 9.8 Critical |
| A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The flaw exists in the setIpQosRules interface of /lib/cste_modules/firewall.so where the comment parameter is not properly validated for length. | ||||
| CVE-2025-24477 | 1 Fortinet | 1 Fortios | 2026-02-10 | 4 Medium |
| A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command | ||||
| CVE-2020-37133 | 2 Ultravnc, Uvnc | 2 Ultravnc, Ultravnc | 2026-02-09 | 7.5 High |
| UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash. | ||||
| CVE-2020-37132 | 2 Ultravnc, Uvnc | 2 Ultravnc, Ultravnc | 2026-02-09 | 6.2 Medium |
| UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. Attackers can paste an overly long 300-character string into the password field to trigger an application crash and prevent normal launcher functionality. | ||||
| CVE-2020-37130 | 2 Nsasoft, Nsauditor | 2 Nsauditor, Nsauditor | 2026-02-09 | 7.5 High |
| Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 bytes of repeated characters to trigger an application crash when pasted into the registration name field. | ||||
| CVE-2025-61140 | 1 Dchester | 1 Jsonpath | 2026-02-09 | 9.8 Critical |
| The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution. | ||||
| CVE-2025-68137 | 2 Everest, Linuxfoundation | 2 Everest-core, Everest | 2026-02-06 | 8.4 High |
| EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in `SdpPacket::parse_header()` allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtracted by the header length which results in a negative value. This value is then interpreted as `SIZE_MAX` (or slightly less) because the expected type of the argument is `size_t`. Depending on whether the server is plain TCP or TLS, this leads to either an infinite loop or a stack buffer overflow. Version 2025.10.0 fixes the issue. | ||||
| CVE-2025-68132 | 2 Everest, Linuxfoundation | 2 Everest-core, Everest | 2026-02-06 | 4.6 Medium |
| EVerest is an EV charging software stack. Prior to version 2025.12.0, `is_message_crc_correct` in the DZG_GSH01 powermeter SLIP parser reads `vec[vec.size()-1]` and `vec[vec.size()-2]` without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach `is_message_crc_correct` with `vec.size() < 2` (only via the multi-message path), causing an out-of-bounds read before CRC verification and `pop_back` underflow. Therefore, an attacker controlling the serial input can reliably crash the process. Version 2025.12.0 fixes the issue. | ||||