Export limit exceeded: 20245 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20245 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-57011 | 1 Totolink | 2 X5000r, X5000r Firmware | 2025-03-17 | 8.8 High |
| TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg. | ||||
| CVE-2023-5002 | 2 Fedoraproject, Pgadmin | 2 Fedora, Pgadmin 4 | 2025-03-17 | 6 Medium |
| A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an authenticated user to run arbitrary commands on the server. | ||||
| CVE-2024-35519 | 1 Netgear | 6 Ex3700, Ex3700 Firmware, Ex6100 and 3 more | 2025-03-17 | 8.4 High |
| Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter. | ||||
| CVE-2024-27387 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-03-17 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_rx_range_done_ind(), there is no input validation check on rtt_id coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2025-25664 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | 9.8 Critical |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function. | ||||
| CVE-2024-46261 | 2 Cute Png, Randygaul | 2 Cute Png, Cute Png | 2025-03-17 | 7.8 High |
| cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h. | ||||
| CVE-2025-25663 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | 9.8 Critical |
| A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. | ||||
| CVE-2024-57704 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | 4.6 Medium |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. | ||||
| CVE-2024-46652 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 Firmware | 2025-03-17 | 9.8 Critical |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function. | ||||
| CVE-2024-57703 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | 7.3 High |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. | ||||
| CVE-2024-57578 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | 5.7 Medium |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. | ||||
| CVE-2024-57577 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | 5.7 Medium |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | ||||
| CVE-2024-48826 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2025-03-17 | 8 High |
| Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. | ||||
| CVE-2024-48825 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2025-03-17 | 8 High |
| Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. | ||||
| CVE-2024-44375 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-03-17 | 7.5 High |
| D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function. | ||||
| CVE-2024-57961 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-17 | 6.8 Medium |
| Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | ||||
| CVE-2024-31331 | 1 Google | 1 Android | 2025-03-14 | 7.8 High |
| In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2023-30774 | 3 Apple, Libtiff, Redhat | 3 Macos, Libtiff, Enterprise Linux | 2025-03-14 | 5.5 Medium |
| A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. | ||||
| CVE-2019-12483 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2025-03-14 | 7.8 High |
| An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box. | ||||
| CVE-2020-16304 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2025-03-14 | 5.5 Medium |
| A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51. | ||||