Total
13318 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5080 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-06-20 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5109 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-06-20 | 7.3 High |
| A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5978 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-06-20 | 8.8 High |
| A vulnerability was found in Tenda FH1202 1.2.0.14. It has been classified as critical. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6130 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-20 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6138 | 1 Totolink | 2 T10, T10 Firmware | 2025-06-20 | 8.8 High |
| A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4730 | 1 Totolink | 4 A3002r, A3002r Firmware, A3002ru and 1 more | 2025-06-20 | 8.8 High |
| A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4731 | 1 Totolink | 4 A3002r, A3002r Firmware, A3002ru and 1 more | 2025-06-20 | 8.8 High |
| A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type/ip_subnet leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4732 | 1 Totolink | 4 A3002r, A3002r Firmware, A3002ru and 1 more | 2025-06-20 | 8.8 High |
| A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4733 | 1 Totolink | 4 A3002r, A3002r Firmware, A3002ru and 1 more | 2025-06-20 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5934 | 1 Netgear | 2 Ex3700, Ex3700 Firmware | 2025-06-20 | 8.8 High |
| A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It has been classified as critical. Affected is the function sub_41619C of the file /mtd. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.0.98 is able to address this issue. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-6334 | 2025-06-20 | 8.8 High | ||
| A vulnerability has been found in D-Link DIR-867 1.0 and classified as critical. This vulnerability affects the function strncpy of the component Query String Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-6336 | 2025-06-20 | 8.8 High | ||
| A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6337 | 2025-06-20 | 8.8 High | ||
| A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6292 | 2025-06-20 | 8.8 High | ||
| A vulnerability has been found in D-Link DIR-825 2.03 and classified as critical. This vulnerability affects the function sub_4091AC of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-6291 | 2025-06-20 | 8.8 High | ||
| A vulnerability, which was classified as critical, was found in D-Link DIR-825 2.03. This affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-6275 | 2025-06-19 | 3.3 Low | ||
| A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use after free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. A similar issue reported during the same timeframe was disputed by the code maintainer because it might not affect "real world wasm programs". Therefore, this entry might get disputed as well in the future. | ||||
| CVE-2025-6272 | 2025-06-19 | 3.3 Low | ||
| A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-of-bounds write. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6271 | 2025-06-19 | 3.3 Low | ||
| A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wav_convert2mono in the library lib/wav.c of the component wav2swf. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6270 | 2025-06-19 | 5.3 Medium | ||
| A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FS__sect_find_node of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6269 | 2025-06-19 | 5.3 Medium | ||
| A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5C__reconstruct_cache_entry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | ||||