ReportizFlow
Filtered by vendor
Subscriptions
Total
13358 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38025 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2025-12-10 | 7.2 High |
| Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | ||||
| CVE-2025-64657 | 1 Microsoft | 2 Azure App Gateway, Azure Application Gateway | 2025-12-10 | 9.8 Critical |
| Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-42877 | 1 Sap | 3 Content Server, Internet Communication Manager, Web Dispatcher | 2025-12-09 | 7.5 High |
| SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application. | ||||
| CVE-2025-64331 | 1 Oisf | 1 Suricata | 2025-12-08 | 7.5 High |
| Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow can occur on large HTTP file transfers if the user has increased the HTTP response body limit and enabled the logging of printable http bodies. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves using default HTTP response body limits and/or disabling http-body-printable logging; body logging is disabled by default. | ||||
| CVE-2025-8854 | 2 Bullet3 Project, Bulletphysics | 2 Bullet3, Pybullet | 2025-12-08 | 9.8 Critical |
| Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OFF file with an overlong initial token processed by the VHACD test utility or invoked indirectly through PyBullet's vhacd function. | ||||
| CVE-2025-62507 | 1 Redis | 1 Redis | 2025-12-08 | 8.8 High |
| Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To workaround this issue without patching the redis-server executable is to prevent users from executing XACKDEL operation. This can be done using ACL to restrict XACKDEL command. | ||||
| CVE-2025-9809 | 1 Libretro | 2 Libretro, Libretro-common | 2025-12-08 | 9.8 Critical |
| Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATH_MAX_LENGTH that is copied using memcpy into a fixed-size buffer. | ||||
| CVE-2023-39786 | 1 Tenda | 3 Ac8 Firmware, Ac8v4, Ac8v4 Firmware | 2025-12-08 | 7.5 High |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function. | ||||
| CVE-2023-40900 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. | ||||
| CVE-2023-40898 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg. | ||||
| CVE-2023-40896 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind. | ||||
| CVE-2023-40899 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg. | ||||
| CVE-2023-39784 | 1 Tenda | 3 Ac8 Firmware, Ac8v4, Ac8v4 Firmware | 2025-12-08 | 7.5 High |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function. | ||||
| CVE-2023-40891 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg. | ||||
| CVE-2023-40892 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi. | ||||
| CVE-2023-40897 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter mac at /goform/GetParentControlInfo. | ||||
| CVE-2023-39785 | 1 Tenda | 3 Ac8 Firmware, Ac8v4, Ac8v4 Firmware | 2025-12-08 | 7.5 High |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function. | ||||
| CVE-2023-48194 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | 6.3 Medium |
| Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained. | ||||
| CVE-2023-40895 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. | ||||
| CVE-2023-40894 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetStaticRouteCfg. | ||||