Total
13672 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-7726 | 3 Canonical, Gdraheim, Redhat | 6 Ubuntu Linux, Zziplib, Enterprise Linux and 3 more | 2025-07-10 | N/A |
| An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. | ||||
| CVE-2024-39134 | 2 Gdraheim, Zziplib | 2 Zziplib, Zziplib | 2025-07-10 | 7.5 High |
| A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c. | ||||
| CVE-2025-6393 | 1 Totolink | 8 A3002r, A3002r Firmware, A3002ru and 5 more | 2025-07-09 | 8.8 High |
| A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7086 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability classified as critical has been found in Belkin F9K1122 1.00.33. Affected is the function formPPTPSetup of the file /goform/formPPTPSetup of the component webs. The manipulation of the argument pptpUserName leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7087 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability classified as critical was found in Belkin F9K1122 1.00.33. Affected by this vulnerability is the function formL2TPSetup of the file /goform/formL2TPSetup of the component webs. The manipulation of the argument L2TPUserName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7084 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. This vulnerability affects the function formWpsStart of the file /goform/formWpsStart of the component webs. The manipulation of the argument pinCode leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7085 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. This issue affects the function formiNICWpsStart of the file /goform/formiNICWpsStart of the component webs. The manipulation of the argument pinCode leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7088 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability, which was classified as critical, was found in Belkin F9K1122 1.00.33. This affects the function formPPPoESetup of the file /goform/formPPPoESetup of the component webs. The manipulation of the argument pppUserName leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7089 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. This issue affects the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component webs. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7090 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in Belkin F9K1122 1.00.33. Affected by this issue is the function formConnectionSetting of the file /goform/formConnectionSetting of the component webs. The manipulation of the argument max_Conn/timeOut leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7091 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. Affected is the function formWlanMP of the file /goform/formWlanMP of the component webs. The manipulation of the argument ateFunc/ateGain/ateTxCount/ateChan/ateRate/ateMacID/e2pTxPower1/e2pTxPower2/e2pTxPower3/e2pTxPower4/e2pTxPower5/e2pTxPower6/e2pTxPower7/e2pTx2Power1/e2pTx2Power2/e2pTx2Power3/e2pTx2Power4/e2pTx2Power5/e2pTx2Power6/e2pTx2Power7/ateTxFreqOffset/ateMode/ateBW/ateAntenna/e2pTxFreqOffset/e2pTxPwDeltaB/e2pTxPwDeltaG/e2pTxPwDeltaMix/e2pTxPwDeltaN/readE2P leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7092 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. This vulnerability affects the function formWlanSetupWPS of the file /goform/formWlanSetupWPS of the component webs. The manipulation of the argument wps_enrolee_pin/webpage leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7093 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. Affected by this vulnerability is the function formSetLanguage of the file /goform/formSetLanguage of the component webs. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-7094 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 8.8 High |
| A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component webs. The manipulation of the argument submit-url-ok leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2011-5280 | 1 Universityofcalifornia | 1 Boinc Client | 2025-07-08 | N/A |
| Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to cause a denial of service (crash) via a long trickle-up to (1) client/cs_trickle.cpp or (2) db/db_base.cpp. | ||||
| CVE-2013-2298 | 1 Universityofcalifornia | 1 Boinc Client | 2025-07-08 | N/A |
| Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler. | ||||
| CVE-2013-2019 | 1 Universityofcalifornia | 1 Boinc Client | 2025-07-08 | N/A |
| Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple file_signature elements. | ||||
| CVE-2023-50187 | 1 Trimble | 1 Sketchup Viewer | 2025-07-08 | N/A |
| Trimble SketchUp Viewer SKP File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20789. | ||||
| CVE-2025-6818 | 1 Hdfgroup | 1 Hdf5 | 2025-07-08 | 3.3 Low |
| A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5O__chunk_protect of the file /src/H5Ochunk.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6825 | 1 Totolink | 2 A702r, A702r Firmware | 2025-07-08 | 8.8 High |
| A vulnerability classified as critical was found in TOTOLINK A702R up to 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||