Export limit exceeded: 23243 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23243 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-37536 1 Miaofng 1 Uds-c 2026-05-04 8.8 High
miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a (2016-10-05) contains a stack buffer overflow in send_diagnostic_request. A 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) receives memcpy at offset 1+pid_length with payload_length bytes. MAX_UDS_REQUEST_PAYLOAD_LENGTH=7, so 1+2+7=10 exceeds buffer by 4 bytes. No bounds check on payload_length before memcpy.
CVE-2026-37538 1 Dschanoeh 1 Socketcand 2026-05-04 7.5 High
Buffer overflow vulnerability in socketcand 0.4.2 in file socketcand.c in function main allows attackers to cause a denial of service or other unspecified impacts via crafted bus_name.
CVE-2026-42485 1 Automotivelinux 1 Agl-service-can-low-level 2026-05-04 7.5 High
AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but copies up to 7 bytes (MAX_UDS_REQUEST_PAYLOAD_LENGTH=7) via memcpy at an offset of 1+pid_length (2-3 bytes), resulting in 1-4 bytes of controlled stack overflow. The payload_length field (uint8_t) has no bounds check against the destination buffer. On 32-bit ARM automotive ECUs without stack canaries, this can lead to return address overwrite and RCE.
CVE-2026-30363 1 Flipperzero 1 Flipper Zero Firmware 2026-05-04 8.4 High
flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function.
CVE-2025-70072 1 Assimp 1 Assimp 2026-05-04 6.5 Medium
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial() components
CVE-2025-70071 1 Assimp 1 Assimp 2026-05-04 5.9 Medium
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray()
CVE-2018-25301 1 Ether Software 1 Easy Mpeg To Dvd Burner 2026-05-04 8.4 High
Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious username string. Attackers can craft a payload containing junk data, SEH chain pointers, and shellcode that overwrites the SEH handler to redirect execution and run arbitrary commands like opening calc.exe.
CVE-2026-7684 1 Edimax 1 Br-6428nc 2026-05-04 8.8 High
A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway  leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-20100 1 Cisco 3 Adaptive Security Appliance Software, Firepower Threat Defense, Secure Firewall Threat Defense 2026-05-04 7.7 High
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This does not affect the management or MUS interfaces. This vulnerability is due to trusting user input without validation in the LUA interprerter. An attacker could exploit this vulnerability by sending crafted HTTP packets to the Remote Access SSL VPN server. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
CVE-2026-7503 1 Code-projects 1 For Plugin 2026-05-04 8.8 High
A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.
CVE-2026-7513 1 Utt 1 Hiper 1200gw 2026-05-04 8.8 High
A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2026-37539 1 Mguentner 1 Cannelloni 2026-05-04 9.8 Critical
Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted CAN FD frames.
CVE-2026-42996 1 Js8call 2 Js8call, Js8call-improved 2026-05-04 N/A
JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp.
CVE-2026-7674 1 Shenzhen Libituo Technology 1 Lbt-t300-hw1 2026-05-04 8.8 High
A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function start_single_service of the component Web Management Interface. Executing a manipulation of the argument vpn_pptp_server/vpn_l2tp_server can lead to buffer overflow. The attack can be executed remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-1940 4 Debian, Freedesktop, Gstreamer and 1 more 4 Debian Linux, Gst-plugins-good, Gstreamer and 1 more 2026-05-04 5.1 Medium
An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. The patch added a size validation check lsize + 8 > size, but it does not account for the GST_ROUND_UP_2(lsize) used in the actual offset calculation. When lsize is an odd number, the parser advances more bytes than validated, causing OOB read.
CVE-2026-7685 1 Edimax 2 Br-6208ac, Br-6208ac Firmware 2026-05-04 8.8 High
A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway  results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-5043 1 Autodesk 17 3ds Max, Advance Steel, Autocad and 14 more 2026-05-04 7.8 High
A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVE-2026-7470 1 Tenda 2 4g300, 4g300 Firmware 2026-05-04 8.8 High
A flaw has been found in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. Affected is the function sub_427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.
CVE-2026-7425 1 Amazon 1 Freertos-plus-tcp 2026-05-04 6.5 Medium
Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smaller than the expected structure size. To mitigate this issue, users should upgrade to the fixed version when available.
CVE-2026-7735 1 Osrg 1 Gobgp 2026-05-04 7.3 High
A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading to version 4.4.0 is able to address this issue. The patch is named 51ad1ada06cb41ce47b7066799981816f50b7ced. The affected component should be upgraded.