ReportizFlow
Filtered by vendor
Subscriptions
Total
3918 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-60340 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-28 | 7.5 High |
| Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp parameters. | ||||
| CVE-2025-12322 | 1 Tenda | 1 Ch22 | 2025-10-28 | 8.8 High |
| A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function fromNatStaticSetting of the file /goform/NatStaticSetting. Executing manipulation of the argument page can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | ||||
| CVE-2025-20333 | 1 Cisco | 3 Adaptive Security Appliance Software, Firepower Threat Defense, Firepower Threat Defense Software | 2025-10-28 | 9.9 Critical |
| A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device. | ||||
| CVE-2025-33131 | 1 Ibm | 1 Db2 High Performance Unload | 2025-10-28 | 6.5 Medium |
| IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, and 5.1 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack. | ||||
| CVE-2025-60548 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 9.8 Critical |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLanSetupRouterSettings. | ||||
| CVE-2025-60553 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 9.8 Critical |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWAN_Wizard52. | ||||
| CVE-2025-60554 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 9.8 Critical |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEnableWizard. | ||||
| CVE-2025-12232 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8.8 High |
| A vulnerability was detected in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Performing manipulation of the argument page results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2025-12265 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8.8 High |
| A weakness has been identified in Tenda CH22 1.0.0.1. Affected by this issue is the function fromVirtualSer of the file /goform/VirtualSer. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-12271 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8.8 High |
| A vulnerability was identified in Tenda CH22 1.0.0.1. This affects the function fromRouteStatic of the file /goform/RouteStatic. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-12272 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8.8 High |
| A security flaw has been discovered in Tenda CH22 1.0.0.1. This impacts the function fromAddressNat of the file /goform/addressNat. Performing manipulation of the argument page results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-12273 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8.8 High |
| A weakness has been identified in Tenda CH22 1.0.0.1. Affected is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-12274 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8.8 High |
| A security vulnerability has been detected in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2023-38559 | 4 Artifex, Debian, Fedoraproject and 1 more | 4 Ghostscript, Debian Linux, Fedora and 1 more | 2025-10-28 | 5.5 Medium |
| A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. | ||||
| CVE-2025-12236 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8.8 High |
| A vulnerability was determined in Tenda CH22 1.0.0.1. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-12233 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8.8 High |
| A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Executing manipulation of the argument page can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2025-12240 | 1 Totolink | 2 A3300r, A3300r Firmware | 2025-10-28 | 8.8 High |
| A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-12235 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8 High |
| A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used. | ||||
| CVE-2025-12234 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-28 | 8.8 High |
| A vulnerability has been found in Tenda CH22 1.0.0.1. This affects the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-12239 | 1 Totolink | 2 A3300r, A3300r Firmware | 2025-10-28 | 8.8 High |
| A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557_B20221024. The impacted element is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Executing manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be exploited. | ||||