Total
3349 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22213 | 1 Riot-os | 1 Riot | 2026-01-21 | 9.8 Critical |
| RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen() function, which constructs a device path using unbounded user-controlled input. The utility uses strcpy() and strcat() to concatenate the fixed prefix '/dev/' with a user-supplied device name provided via the -s command-line option without bounds checking. This allows an attacker to supply an excessively long device name and overflow a fixed-size stack buffer, leading to process crashes and memory corruption. | ||||
| CVE-2026-22214 | 1 Riot-os | 1 Riot | 2026-01-21 | 9.8 Critical |
| RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the _handle_char() function, where incoming frame bytes are appended to a fixed-size stack buffer without verifying that the current write index remains within bounds. An attacker capable of sending crafted serial or TCP-framed input can cause the current write index to exceed the buffer size, resulting in a write past the end of the stack buffer. This condition leads to memory corruption and application crash. | ||||
| CVE-2024-57440 | 1 Dlink | 2 Dsl-3788, Dsl-3788 Firmware | 2026-01-20 | 7.5 High |
| D-Link DSL-3788 revA1 1.01R1B036_EU_EN is vulnerable to Buffer Overflow via the COMM_MAKECustomMsg function of the webproc cgi | ||||
| CVE-2025-71023 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-01-20 | 7.5 High |
| Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-70747 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | 7.5 High |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serviceName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-71021 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | 7.5 High |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serverName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-70744 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | 7.5 High |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the cloneType parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-71019 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | 7.5 High |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the wanSpeed parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-70656 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | 7.5 High |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the mac parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-43025 | 1 Hp | 1 Universal Print Driver | 2026-01-20 | 7.5 High |
| HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.). | ||||
| CVE-2025-46397 | 2 Fig2dev Project, Redhat | 3 Fig2dev, Enterprise Linux, Rhel Eus | 2026-01-19 | 7.8 High |
| A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function. | ||||
| CVE-2025-70753 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-16 | 7.5 High |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_4CA50 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-71024 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-01-16 | 7.5 High |
| Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-71025 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-01-16 | 7.5 High |
| Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-71027 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-01-16 | 7.5 High |
| Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanMTU2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-71026 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-01-16 | 7.5 High |
| Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2024-53695 | 1 Qnap | 1 Hybrid Backup Sync | 2026-01-16 | 9.1 Critical |
| A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later | ||||
| CVE-2025-11541 | 1 Sharp | 52 Np-cr5450h, Np-cr5450h Firmware, Np-cr5450hl and 49 more | 2026-01-15 | 9.8 Critical |
| Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs. | ||||
| CVE-2025-11542 | 1 Sharp | 52 Np-cr5450h, Np-cr5450h Firmware, Np-cr5450hl and 49 more | 2026-01-15 | 9.8 Critical |
| Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs. | ||||
| CVE-2025-26507 | 1 Hp | 403 115p9aw, 115q0aw, 17f27aw and 400 more | 2026-01-15 | 9.8 Critical |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | ||||