Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-25353

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-18 Feb, 2026 | 21:54
Updated At-19 Feb, 2026 | 15:53
Rejected At-
Credits

Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service

Foscam Video Management System 1.1.4.9 contains a denial of service vulnerability in the username input field that allows attackers to crash the application. Attackers can overwrite the username with a 520-byte buffer of repeated 'A' characters to trigger an application crash during device login.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:18 Feb, 2026 | 21:54
Updated At:19 Feb, 2026 | 15:53
Rejected At:
▼CVE Numbering Authority (CNA)
Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service

Foscam Video Management System 1.1.4.9 contains a denial of service vulnerability in the username input field that allows attackers to crash the application. Attackers can overwrite the username with a 520-byte buffer of repeated 'A' characters to trigger an application crash during device login.

Affected Products
Vendor
Diy Security SL
Product
Foscam Video Management System
Versions
Affected
  • 1.1.4.9
Problem Types
TypeCWE IDDescription
CWECWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
4.04.6MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 4.0
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
chuyreds
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.exploit-db.com/exploits/47671
exploit
https://www.foscam.es/
product
https://www.vulncheck.com/advisories/foscam-video-management-system-username-denial-of-service
third-party-advisory
Hyperlink: https://www.exploit-db.com/exploits/47671
Resource:
exploit
Hyperlink: https://www.foscam.es/
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/foscam-video-management-system-username-denial-of-service
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:18 Feb, 2026 | 22:16
Updated At:19 Feb, 2026 | 15:53

Foscam Video Management System 1.1.4.9 contains a denial of service vulnerability in the username input field that allows attackers to crash the application. Attackers can overwrite the username with a 520-byte buffer of repeated 'A' characters to trigger an application crash during device login.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.04.6MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 4.0
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-120Primarydisclosure@vulncheck.com
CWE ID: CWE-120
Type: Primary
Source: disclosure@vulncheck.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.exploit-db.com/exploits/47671disclosure@vulncheck.com
N/A
https://www.foscam.es/disclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/foscam-video-management-system-username-denial-of-servicedisclosure@vulncheck.com
N/A
Hyperlink: https://www.exploit-db.com/exploits/47671
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.foscam.es/
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/foscam-video-management-system-username-denial-of-service
Source: disclosure@vulncheck.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

498Records found
CVE-2023-39389
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.38%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 11:30
Updated-10 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-20
Improper Input Validation
CVE-2023-39386
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.38%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 12:20
Updated-10 Oct, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-20
Improper Input Validation
CVE-2023-39206
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-3.7||LOW
EPSS-0.31% / 54.51%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 23:02
Updated-29 Aug, 2024 | 15:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-video_software_development_kitroomsmeetingszoomvirtual_desktop_infrastructureZoom Clients
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-38975
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.40% / 60.57%
||
7 Day CHG~0.00%
Published-29 Aug, 2023 | 00:00
Updated-02 Oct, 2024 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

* Buffer Overflow vulnerability in qdrant v.1.3.2 allows a remote attacker cause a denial of service via the chucnked_vectors.rs component.

Action-Not Available
Vendor-qdrantn/a
Product-qdrantn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-28220
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.68% / 86.00%
||
7 Day CHG~0.00%
Published-28 Mar, 2025 | 00:00
Updated-06 May, 2025 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the setcfm function, which allows remote attackers to cause web server crash via parameter funcpara1 passed to the binary through a POST request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w6-s_firmwarew6-sn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-29358
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.84%
||
7 Day CHG~0.00%
Published-13 Mar, 2025 | 00:00
Updated-01 Aug, 2025 | 02:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the firewallEn parameter at /goform/SetFirewallCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-rx3_firmwarerx3n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-37457
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.19%
||
7 Day CHG~0.00%
Published-14 Dec, 2023 | 19:43
Updated-13 Feb, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Asterisk's PJSIP_HEADER dialplan function can overwrite memory/cause crash when using 'update'

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space for storing the new value of a header. By doing so this can overwrite memory or cause a crash. This is not externally exploitable, unless dialplan is explicitly written to update a header based on data from an outside source. If the 'update' functionality is not used the vulnerability does not occur. A patch is available at commit a1ca0268254374b515fa5992f01340f7717113fa.

Action-Not Available
Vendor-Sangoma Technologies Corp.AsteriskDigium, Inc.
Product-certified_asteriskasteriskasterisk
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-28221
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.07% / 84.12%
||
7 Day CHG~0.00%
Published-28 Mar, 2025 | 00:00
Updated-08 May, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the set_local_time function, which allows remote attackers to cause web server crash via parameter time passed to the binary through a POST request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w6-sw6-s_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-29361
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.84%
||
7 Day CHG~0.00%
Published-13 Mar, 2025 | 00:00
Updated-25 Aug, 2025 | 02:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the list parameter at /goform/SetVirtualServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-rx3_firmwarerx3n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-37758
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.57%
||
7 Day CHG+0.04%
Published-18 Jul, 2023 | 00:00
Updated-28 Oct, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-815_firmwaredir-815n/adir-815
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-1010218
Matching Score-4
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
ShareView Details
Matching Score-4
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
CVSS Score-7.5||HIGH
EPSS-0.38% / 59.77%
||
7 Day CHG-0.04%
Published-22 Jul, 2019 | 17:30
Updated-05 Aug, 2024 | 03:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cherokee Webserver Latest Cherokee Web server Upto Version 1.2.103 (Current stable) is affected by: Buffer Overflow - CWE-120. The impact is: Crash. The component is: Main cherokee command. The attack vector is: Overwrite argv[0] to an insane length with execl. The fixed version is: There's no fix yet.

Action-Not Available
Vendor-cherokee-projectCherokee Webserver
Product-cherokee_web_serverLatest Cherokee Web server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40998
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.78% / 73.89%
||
7 Day CHG~0.00%
Published-28 Aug, 2023 | 00:00
Updated-02 Aug, 2024 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via the packet size component.

Action-Not Available
Vendor-o-ran-scn/a
Product-ric_message_routern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-36321
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.18% / 38.84%
||
7 Day CHG~0.00%
Published-17 Oct, 2023 | 00:00
Updated-02 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dlt_common.c.

Action-Not Available
Vendor-covesan/acovesa
Product-dlt-daemonn/adlt-daemon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-36198
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.13%
||
7 Day CHG~0.00%
Published-25 Aug, 2023 | 00:00
Updated-02 Oct, 2024 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function.

Action-Not Available
Vendor-skalen/a
Product-sgxwalletn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-36481
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.61%
||
7 Day CHG~0.00%
Published-28 Aug, 2023 | 00:00
Updated-02 Oct, 2024 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_9610_firmwareexynos_9810exynos_9110_firmwareexynos_1280exynos_1380exynos_850exynos_1080exynos_2200exynos_w920exynos_850_firmwareexynos_9820_firmwareexynos_980_firmwareexynos_1330exynos_1080_firmwareexynos_9610exynos_2100_firmwareexynos_1330_firmwareexynos_9810_firmwareexynos_9820exynos_2100exynos_9110exynos_1280_firmwareexynos_980exynos_1380_firmwareexynos_w920_firmwareexynos_2200_firmwaren/aexynos
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-36359
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.06%
||
7 Day CHG~0.00%
Published-22 Jun, 2023 | 00:00
Updated-10 Dec, 2024 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wr941ndtl-wr841ntl-wr940n_firmwaretl-wr841n_firmwaretl-wr940ntl-wr941nd_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-36354
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.06%
||
7 Day CHG~0.00%
Published-22 Jun, 2023 | 00:00
Updated-02 Dec, 2024 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wr740ntl-wr941ndtl-wr841ntl-wr940n_firmwaretl-wr740n_firmwaretl-wr841n_firmwaretl-wr940ntl-wr941nd_firmwaren/atl-wr740ntl-wr941ndtl-wr841ntl-wr940n_v4tl-wr940n
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-35979
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 37.99%
||
7 Day CHG~0.00%
Published-05 Jul, 2023 | 14:50
Updated-04 Dec, 2024 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Buffer Overflow Vulnerability in ArubaOS Web-Based Management Interface

There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in a Denial-of-Service (DoS) condition affecting the web-based management interface of the controller.

Action-Not Available
Vendor-Aruba NetworksHewlett Packard Enterprise (HPE)
Product-mcr-va-50mcr-va-5ksd-wanmcr-hw-1kmcr-va-500mcr-hw-10kmcr-va-1kmc-va-10mcr-va-10kmc-va-250mc-va-1karubaosmcr-hw-5kmc-va-50Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-32331
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.02%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 18:38
Updated-31 Jan, 2025 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Connect:Express for UNIX denial of service

IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. IBM X-Force ID: 254979.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-aixsterling_connect\linux_kernelsolarisSterling Connect:Express for UNIX
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-32763
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 26.20%
||
7 Day CHG~0.00%
Published-28 May, 2023 | 00:00
Updated-02 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.

Action-Not Available
Vendor-qtn/a
Product-qtn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-31998
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-5.9||MEDIUM
EPSS-0.43% / 62.41%
||
7 Day CHG+0.05%
Published-18 Jul, 2023 | 01:40
Updated-29 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices.

Action-Not Available
Vendor-Ubiquiti Inc.
Product-edgemax_edgerouter_firmwareaircube_firmwareedgemax_edgerouteraircubeAircubeEdgeRouter
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-1899
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.35% / 57.46%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 02:31
Updated-05 Mar, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda TX3 setPptpUserList buffer overflow

A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-tx3tx3_firmwareTX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-30383
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.61% / 69.91%
||
7 Day CHG+0.12%
Published-18 Jul, 2023 | 00:00
Updated-28 Oct, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-archer_c2_v1archer_c50archer_c2_v1_firmwarearcher_c20archer_c50_firmwarearcher_c20_firmwaren/aarcher_c20archer_c2archer_c50
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-1895
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.07% / 21.17%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 01:00
Updated-05 Mar, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda TX3 setMacFilterCfg buffer overflow

A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-tx3tx3_firmwareTX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-41499
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.76%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 20:36
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow Vulnerability exists in ajaxsoundstudio.com n Pyo < 1.03 in the Server_debug function, which allows remote attackers to conduct DoS attacks by deliberately passing on an overlong audio file name.

Action-Not Available
Vendor-pyo_projectn/a
Product-pyon/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-26769
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.41%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c.

Action-Not Available
Vendor-liblouisn/a
Product-liblouisn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-27585
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.50% / 65.95%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 00:00
Updated-04 Nov, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead.

Action-Not Available
Vendor-teluupjsip
Product-pjsippjproject
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-27064
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.67%
||
7 Day CHG~0.00%
Published-13 Mar, 2023 | 00:00
Updated-27 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w15ew15e_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-27705
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 56.56%
||
7 Day CHG~0.00%
Published-17 Apr, 2023 | 00:00
Updated-06 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

APNG_Optimizer v1.4 was discovered to contain a buffer overflow via the component /apngopt/ubuntu.png.

Action-Not Available
Vendor-apng_optimizer_projectn/a
Product-apng_optimizern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-27062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.67%
||
7 Day CHG~0.00%
Published-13 Mar, 2023 | 00:00
Updated-27 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w15ew15e_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-27065
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.67%
||
7 Day CHG~0.00%
Published-13 Mar, 2023 | 00:00
Updated-27 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w15ew15e_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-25664
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.46%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 23:40
Updated-19 Feb, 2025 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TensorFlow vulnerable to Heap Buffer Overflow in AvgPoolGrad

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.

Action-Not Available
Vendor-TensorFlowGoogle LLC
Product-tensorflowtensorflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-24294
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 54.31%
||
7 Day CHG~0.00%
Published-29 Nov, 2023 | 00:00
Updated-02 Aug, 2024 | 10:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zumtobel Netlink CCD Onboard v3.74 - Firmware v3.80 was discovered to contain a buffer overflow via the component NetlinkWeb::Information::SetDeviceIdentification.

Action-Not Available
Vendor-zumtobeln/a
Product-netlink_ccdnetlink_ccd_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-5412
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.80% / 74.25%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:18
Updated-24 Feb, 2026 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-dx4510-b0_firmwareex5601-t1_firmwareex5512-t0vmg4005-b50aex5510-b0vmg3927-t50k_firmwareax7501-b0_firmwareax7501-b1_firmwarenebula_fwa510_firmwarenr7103_firmwareex7501-b0_firmwaredx3300-t1_firmwarenebula_lte3301-pluspm5100-t0_firmwarenr5103ev2vmg3625-t50bnr5307ax7501-b0vmg3927-t50kpx3321-t1ex5401-b0_firmwaredx5401-b0ex7710-b0_firmwarenebula_fwa505_firmwareex3501-t0_firmwarewx3401-b0dx4510-b0nebula_fwa505nebula_lte3301-plus_firmwarepm7300-t0_firmwarevmg4005-b60a_firmwareemg3525-t50b_firmwarepm3100-t0dx5401-b0_firmwareex5401-b0vmg8825-t50kscr50axe_firmwaredx5401-b1nr7302_firmwareex5401-b1_firmwareemg3525-t50bemg5723-t50kex5510-b0_firmwarewx3100-t0dx5401-b1_firmwareex5601-t1nr5103ev2_firmwarenr7303nr7302wx3401-b0_firmwarepm7300-t0nr7501_firmwarenr5103_firmwareemg5723-t50k_firmwarevmg8623-t50b_firmwarenebula_fwa710_firmwareex3301-t0ex3510-b0dx3301-t0ex7501-b0wx5600-t0_firmwareex5401-b1nr5103ex3500-t0ex3300-t1_firmwarescr_50axedx3301-t0_firmwareex3500-t0_firmwarevmg8825-t50k_firmwarevmg3625-t50b_firmwarenr7303_firmwarevmg8623-t50bvmg4005-b50a_firmwareex5601-t0_firmwareex3301-t0_firmwarenebula_fwa710vmg4005-b60adx3300-t0ex5601-t0nr5307_firmwaredx3300-t1ex3510-b0_firmwareex7710-b0wx3100-t0_firmwareex3300-t0ex3300-t1nebula_fwa510wx5600-t0pm5100-t0ex5512-t0_firmwarenr7501ex3300-t0_firmwareemg5523-t50b_firmwarepx3321-t1_firmwarenr7103ex3501-t0ax7501-b1dx3300-t0_firmwareemg5523-t50bpm3100-t0_firmwareVMG8825-T50K firmwarevmg8825-t50k_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22915
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-1.07% / 77.96%
||
7 Day CHG~0.00%
Published-24 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the “fbwifi_forward.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.30 through 5.35, USG20(W)-VPN firmware versions 4.30 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote unauthenticated attacker to cause DoS conditions by sending a crafted HTTP request if the Facebook WiFi function were enabled on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-usg_flex_50w_firmwarevpn100usg_20w-vpnusg_20w-vpn_firmwareusg_flex_500usg_flex_200usg_flex_500_firmwarevpn1000_firmwareusg_flex_100w_firmwareusg_flex_100vpn50usg_flex_100_firmwareusg_flex_200_firmwareusg_flex_50wvpn50_firmwareusg_flex_50_firmwareusg_flex_700_firmwareusg_flex_700vpn100_firmwarevpn1000vpn300usg_flex_100wvpn300_firmwareusg_flex_50USG FLEX 50(W) firmwareUSG20(W)-VPN firmwareUSG FLEX series firmwareVPN series firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-53027
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.34% / 56.87%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in WLAN Host

Transient DOS may occur while processing the country IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcm8550_firmwareqcs410_firmwaresd865_5gapq8017sw5100psxr1120sa6150p_firmwarewcn6650qca6595qcs610_firmwarewcd9335snapdragon_8\+_gen_1wcd9370qca8081_firmwaresnapdragon_429_firmwareqca6696qam8620p_firmwarewcd9340_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwareqcn6024qcc2073_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700wcn3610snapdragon_695_5gsa4150psnapdragon_888_5gwsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_4_gen_2_firmwareqca6574au_firmwareqca6564_firmwaresm6370qam8295pwcd9341qca6574ausnapdragon_820_automotivewcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_429csra6640sa9000p_firmwaresrv1hsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gsm8650q_firmwarewcn3660b_firmwareqcs9100qca6554asnapdragon_8\+_gen_2snapdragon_820_automotive_firmwareqcs5430fastconnect_6800_firmwaresnapdragon_865\+_5g_firmwaresd835_firmwareqcn6024_firmwaresnapdragon_x65_5gqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_888\+_5g_firmwaresa8770pqcm6125_firmwareqcc710snapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresa8540psxr1120_firmwareqca6777aqsnapdragon_660_firmwaresnapdragon_4_gen_2fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_8_gen_2_firmwarevideo_collaboration_vc1_platformsnapdragon_x72_5gqep8111sa7255psm8635qfw7114wcd9385_firmwareqca6310qam8255p_firmwaresnapdragon_778g_5gsa8155_firmwaresdx61qcs4490snapdragon_662_firmwareqca6787aqwsa8845sa6155pqcm6125qca6564au_firmwarewsa8810205video_collaboration_vc5_platform_firmwareqam8650psa9000psrv1h_firmwareqca6595ausxr2250p_firmwaresm7315_firmwaresnapdragon_865_5g_firmwarewcd9326_firmwaresa6155p_firmwarewsa8840mdm9640_firmwaresrv1m_firmwareqcs8550_firmwaresd835qfw7124_firmwareqca6436_firmwaresnapdragon_x35_5g_firmwareqcs4490_firmwarewcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresm8635psnapdragon_680_4gwcn3910snapdragon_212_firmwarewcd9370_firmwareqca9367snapdragon_8_gen_2snapdragon_480\+_5g_firmwareqcc2076snapdragon_835_pc_firmwarewcn3660bqca6574asa7255p_firmwarewcn3620_firmwareqca6174asnapdragon_695_5g_firmwaresa8195pwcd9340qcs8250_firmwareqcm2290talynplussnapdragon_auto_5g_modem-rf_gen_2qcm6490sa8540p_firmwaresxr2250psm8550p_firmwareqcm8550wcn3988snapdragon_x55_5g_firmwaresm6370_firmwareqcn9274qcn9024sa8775pqca6574sxr2230p_firmwareqca6777aq_firmwaresa8775p_firmwareqamsrv1hsmart_audio_400qcn9024_firmwarewsa8845hwcd9326sa6150pqcs410qcm2290_firmwaresm8650qsa8155p_firmwareqca6564asa8155pwsa8830snapdragon_870_5g_firmwaresm8550psa6145psnapdragon_x65_5g_firmwaresm7675_firmwaresa8255p_firmwaresnapdragon_888\+_5gsnapdragon_x75_5gqcc2073ar8035sm7635_firmwaremsm8996auqamsrv1m_firmwareqca6564sa8650p_firmwaresa6155wcn3620snapdragon_x72_5g_firmwaresrv1l_firmwareqcs9100_firmwareqcn6224qcs615snapdragon_782gqca6698aqwcn3950_firmwaresa7775p_firmwaresm7635sa8530p_firmwarefastconnect_6200sm7325p_firmwaresa8145p_firmwarewcd9378snapdragon_210_firmwaresm8635p_firmwaresa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_778g_5g_firmwaresnapdragon_780g_5gqcs6490qcs8250snapdragon_210snapdragon_x5_lte_firmwarefastconnect_6200_firmwaresnapdragon_778g\+_5gwsa8830_firmwareqcn6224_firmwareqca6678aq_firmwarewsa8845_firmwaresd660_firmwarewsa8832sdx61_firmwarewcd9378_firmwareqcc2076_firmwaresrv1lsxr2130_firmwaresrv1msm7675pqca6678aqar8035_firmwaresnapdragon_680_4g_firmwareqca6320sa4150p_firmwaresd888_firmwareqca6564auqcs6125_firmwaresm4635snapdragon_460wsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwareqcm4290snapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_xr2\+_gen_1sg8275p_firmwareqca9377_firmwaresnapdragon_x62_5gqcm6490_firmwaresnapdragon_685_4gsm4635_firmwaresm4125205_firmwarewcn3950qcs6125qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computetalynplus_firmwaresa8295p_firmwaresmart_audio_400_firmwaresnapdragon_460_firmwaresa4155p_firmwaresa8155qcn6274_firmwaresd888qca6320_firmwareqca6584auwcn6755_firmwaresw5100_firmwarewcn6740wcn6650_firmwareqca6310_firmwarefastconnect_6800qfw7114_firmwaresnapdragon_662qcs7230qca6595_firmwaresnapdragon_x5_ltefastconnect_7800_firmwaresm8635_firmwarefastconnect_6900_firmwareapq8017_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa6155_firmwaresnapdragon_xr2_5gsa8150psxr2330pwcn6755snapdragon_888_5g_firmwaresnapdragon_835_pcsnapdragon_8\+_gen_2_firmwaremsm8996au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresm6650sw5100video_collaboration_vc3_platformqca6688aqqam8295p_firmwaresnapdragon_8_gen_1_firmwarewcn3990_firmwaresm7315qca6175a_firmwareqca6698aq_firmwareqcs2290qca6564a_firmwarewcd9385qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwareqca9367_firmwarewcn3610_firmwaresnapdragon_8_gen_1sa8255pqcs7230_firmwareqcs4290wcd9390_firmwaresnapdragon_x62_5g_firmwaresnapdragon_8_gen_3qep8111_firmwareqcs615_firmwaresg8275psnapdragon_782g_firmwaresnapdragon_x55_5gsnapdragon_auto_5g_modem-rfqca6554a_firmwaresxr2130snapdragon_4_gen_1snapdragon_870_5gcsra6640_firmwareqamsrv1msnapdragon_480\+_5gqca6174a_firmwaresnapdragon_685_4g_firmwaresm7325pqam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresm6650_firmwaresnapdragon_480_5gwcn3980_firmwareqam8620pmdm9640qca6436wcd9335_firmwaresdm429wwsa8835wsa8840_firmwareqca6391_firmwareqca6584au_firmwareqcn6274qfw7124qca6595au_firmwareqcs8300_firmwaresw5100p_firmwareqca6696_firmwareqcs4290_firmwareqcs8300wcd9380_firmwareqca6574_firmwarewsa8815sd660csra6620mdm9628qca8081sg4150pqam8775pqca9377snapdragon_ar2_gen_1_firmwaresd_8_gen1_5gqca6797aqmdm9628_firmwaresnapdragon_x35_5gsa8620psnapdragon_660qca6574a_firmwareqcm4290_firmwaresnapdragon_8\+_gen_1_firmwareqca6175asd_8_gen1_5g_firmwareqca6787aq_firmwarewcd9375_firmwareqca6391snapdragon_x75_5g_firmwaresa7775psnapdragon_8_gen_3_firmwareqcn9274_firmwareqcs5430_firmwaresg4150p_firmwaresnapdragon_780g_5g_firmwaresa8770p_firmwarecsra6620_firmwaresa8295pqcs8550fastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresnapdragon_xr1wcd9375qca6688aq_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresm7675sa8145psnapdragon_212wsa8835_firmwarewcn3980sm7675p_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22922
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.45% / 63.91%
||
7 Day CHG-0.15%
Published-01 May, 2023 | 00:00
Updated-30 Jan, 2025 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nbg-418n_firmwarenbg-418nNBG-418N v2 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22917
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.56% / 68.47%
||
7 Day CHG~0.00%
Published-24 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firmware versions 5.00 through 5.32, USG FLEX 50(W) firmware versions 5.10 through 5.32, USG20(W)-VPN firmware versions 5.10 through 5.32, and VPN series firmware versions 5.00 through 5.35, which could allow a remote unauthenticated attacker to cause a core dump with a request error message on a vulnerable device by uploading a crafted configuration file.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-vpn100atp100_firmwareatp100atp800_firmwareusg_flex_200usg_flex_500_firmwareusg_flex_100w_firmwareusg_flex_100vpn300_firmwareatp100w_firmwareatp100wusg_flex_200_firmwarevpn50_firmwareatp200atp700usg_flex_700vpn100_firmwarevpn300usg_flex_100wusg_flex_50w_firmwareusg_20w-vpnatp700_firmwareusg_20w-vpn_firmwareatp500_firmwareatp800vpn1000_firmwarevpn50usg_flex_100_firmwareusg_flex_50wusg_flex_50_firmwareatp500usg_flex_700_firmwarevpn1000usg_flex_500usg_flex_50atp200_firmwareVPN series firmwareATP series firmwareUSG FLEX 50(W) firmwareUSG20(W)-VPN firmwareUSG FLEX series firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22416
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.92%
||
7 Day CHG~0.00%
Published-12 Jan, 2023 | 00:00
Updated-08 Apr, 2025 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if SIP ALG is enabled and a malformed SIP packet is received

A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R1-S1, 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1 on SRX Series.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx345mx2008mx960mx240srx5800srx110srx4000srx550_hmsrx220srx240h2mx2010mx5srx5400srx100srx3400srx300srx550mx104junosmx80srx240msrx210srx1500srx380srx4200srx340mx10008mx150srx4100mx10srx240mx2020srx3600mx10003srx5000mx10016srx1400mx10000mx204mx480srx320srx5600mx40srx650srx4600srx550mJunos OS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52949
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.59%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 00:00
Updated-14 Oct, 2025 | 17:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

Action-Not Available
Vendor-iptraf-ngn/a
Product-iptraf-ngn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22399
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.71%
||
7 Day CHG~0.00%
Published-12 Jan, 2023 | 00:00
Updated-07 Apr, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: QFX10K Series: PFE crash upon receipt of specific genuine packets when sFlow is enabled

When sFlow is enabled and it monitors a packet forwarded via ECMP, a buffer management vulnerability in the dcpfe process of Juniper Networks Junos OS on QFX10K Series systems allows an attacker to cause the Packet Forwarding Engine (PFE) to crash and restart by sending specific genuine packets to the device, resulting in a Denial of Service (DoS) condition. The dcpfe process tries to copy more data into a smaller buffer, which overflows and corrupts the buffer, causing a crash of the dcpfe process. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on QFX10K Series: All versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S2; 21.4 versions prior to 21.4R2-S2, 21.4R3; 22.1 versions prior to 22.1R2; 22.2 versions prior to 22.2R1-S2, 22.2R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22422
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.77%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 17:55
Updated-26 Mar, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HTTP profile vulnerability

On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, when a HTTP profile with the non-default Enforcement options of Enforce HTTP Compliance and Unknown Methods: Reject are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_ssl_orchestratorbig-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerbig-ip_ddos_hybrid_defenderBIG-IP
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-44879
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.56% / 68.46%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 00:00
Updated-15 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-20024
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.98% / 77.02%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business Series Switches Buffer Overflow Vulnerabilities

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sf550x-48mpsg500xg8f8tbusiness_250-16t-2g_firmwaresg250-10p_firmwaresf500-24mp_firmwaresf250-08hp_firmwaresf250-10p_firmwaresf250-26sg250x-24p_firmwarebusiness_350-16p-2gsf250x-48p_firmwaresf250-26_firmwarebusiness_250-48p-4xsg200-26sg250-18sg500-28sg350x-24mpsg550x-48p_firmwaresg200-50p_firmwaresg200-08psf250-24p_firmwarebusiness_350-8fp-e-2gsf200-24_firmwaresg550xg-8f8t_firmwarebusiness_250-48t-4xsg350xg-24tsf200e-24sg550xg-48t_firmwaresf350-48psg550xg-48tsg500x-24psf250-08_firmwarebusiness_350-48t-4gsf300-24mp_firmwaresf550x-24mp_firmwaresf200e-24psg350x-24mp_firmwaresg350-28sf250-26p_firmwaresf550x-48p_firmwaresg200-10fpbusiness_350-16fp-2gbusiness_350-8fp-2g_firmwarebusiness_350-16p-e-2gsf200e-48sg500x24mppsg250-50hp_firmwaresg350x-12pmvsg250-24business_250-8p-e-2g_firmwarebusiness_350-24s-4gsg350x-24business_350-24fp-4xbusiness_350-8mp-2xbusiness_350-48p-4gbusiness_350-8fp-e-2g_firmwaresf350-28mpsf550x-48_firmwaresg250x-24sg550xg-8f8tsf250-50psg250-24p_firmwaresg550xg-24tsf250-18_firmwaresf250-26hp_firmwaresg350-10p_firmwaresg355-10psg200-50psg200-26fp_firmwaresg350-10psg250-50psg300-52psf500-18p_firmwaresf350-20_firmwarebusiness_350-16xts_firmwarebusiness_350-12xssg250-26hpsf352-08_firmwaresg250x-48p_firmwarebusiness_250-16p-2gsf352-08mpsg350x-24pv_firmwaresf500-24p_firmwarebusiness_250-16p-2g_firmwarebusiness_350-8fp-2gbusiness_350-8p-e-2gsf200e-48psg500x-48mp_firmwarebusiness_250-8p-e-2gbusiness_250-24t-4x_firmwaresg300-10sfpsf500-24mpsg300-28_firmwarebusiness_250-8t-e-2gsf500-24psf200-24p_firmwaresf302-08ppsf300-48sg350xg-48t_firmwaresg250-26sg300-10sfp_firmwarebusiness_250-8pp-e-2g_firmwaresf550x-48mp_firmwaresf350-52sg250x-48sf550x-24_firmwaresf350-10_firmwaresf250-48hp_firmwaresg500x24mpp_firmwaresg300-28ppsf250-08hpbusiness_250-48t-4g_firmwaresg300-52mp_firmwaresf500-48_firmwaresg500-28p_firmwaresf550x-48psg550x-24mppsf350-20sf500-48pbusiness_350-24fp-4x_firmwaresg350xg-24f_firmwaresg500x-24mpp_firmwarebusiness_350-24xtsbusiness_250-24p-4xsg300-28mpsf350-24mpsf250-24_firmwaresg350-28mpsf302-08sg350x-48sg300-28pp_firmwarebusiness_350-24mgp-4x_firmwaresg350-10mp_firmwaresf302-08mpp_firmwarebusiness_350-8xt_firmwarebusiness_250-8pp-e-2gsf500-48mpsg300-52p_firmwaresg300-10psf550x-24p_firmwarebusiness_350-24p-4xsg300-10mp_firmwaresg200-08p_firmwaresf200-24fp_firmwarebusiness_350-12xs_firmwaresg550x-24business_350-24p-4gsf300-08sf350-52psf250x-24_firmwarebusiness_350-16xtsbusiness_350-8s-e-2gsf350-48_firmwaresg250-10psg200-08business_250-8pp-dsg250-50_firmwaresf250-10psg350xg-2f10_firmwaresf250x-24p_firmwaresf250-50_firmwaresg250-08sg350-28psg250-26hp_firmwarebusiness_350-8xtbusiness_250-48t-4gbusiness_350-24xs_firmwaresf200e48p_firmwaresf200e-24p_firmwaresg350xg-48tbusiness_350-48t-4x_firmwaresg350-28_firmwaresg300-10_firmwaresg350x-8pmdsg350x-48psf200e-48p_firmwaresg500x-24business_350-24xt_firmwarebusiness_250-16t-2gsf350-10sfp_firmwarebusiness_350-48ngp-4x_firmwaresg350-10_firmwarebusiness_350-12np-4x_firmwaresf350-52p_firmwaresg250x-48psg500x-24p_firmwaresg250-48sg550x-24p_firmwarebusiness_350-16t-e-2g_firmwaresf200-24fpsg500xg-8f8t_firmwarebusiness_250-24pp-4gbusiness_250-48p-4gsf300-24psg250-48hp_firmwaresg550xg-24t_firmwaresg550x-48t_firmwarebusiness_250-24t-4g_firmwaresf302-08mppsg500-52ppsf250-48_firmwaresg350x-48p_firmwarebusiness_350-24xtsg300-28mp_firmwaresf550x-24mpbusiness_350-48fp-4x_firmwarebusiness_350-8t-e-2gsg250-50hpsg550x-24mpp_firmwaresg200-18business_350-24p-4g_firmwaresg250-48hpbusiness_350-24t-4xsg350xg-24fsg500x-48mpsf200-48_firmwaresg500xg-8f8tsg300-28sfp_firmwaresg500-28_firmwaresf350-28psf350-8pdbusiness_350-48ngp-4xsf355-10p_firmwarebusiness_350-8t-e-2g_firmwaresf300-24pp_firmwarebusiness_350-24fp-4g_firmwarebusiness_250-8t-e-2g_firmwarebusiness_250-8fp-e-2g_firmwarebusiness_350-12xtsf250-24psf250-08sg300-10p_firmwaresf350-10psg250-18_firmwaresg300-52_firmwaresf350-24pbusiness_350-48fp-4xbusiness_250-48pp-4g_firmwarebusiness_350-8s-e-2g_firmwaresg300-52sg250x-24psg500x-48sg200-26_firmwaresf200e48pbusiness_250-8pp-d_firmwaresf350-24sg300-20sg500-28psg500-52pp_firmwaresg550x-48tsg350x-48_firmwaresg250-24psf200-48sf350-24mp_firmwaresf350-52mp_firmwaresf250x-48_firmwaresg350x-24_firmwaresg550x-48mp_firmwaresf350-48sf350-52mpsf300-24_firmwaresf300-48psf350-10sfpsf350-28mp_firmwaresg350x-48pvsg500-28mpp_firmwaresg500-52pbusiness_250-24fp-4g_firmwarebusiness_250-8t-d_firmwaresf250-24business_250-48p-4g_firmwaresf300-24ppsg550x-48pbusiness_250-24fp-4x_firmwaresf250-50hpsg350x-48mp_firmwaresg550xg-24f_firmwaresg250x-24_firmwaresf350-8mpbusiness_350-24mgp-4xbusiness_350-24xssg350x-12pmv_firmwaresg355-10mpsf352-08mp_firmwaresg300-10mpp_firmwaresf350-24p_firmwaresf250-50hp_firmwaresf350-24_firmwaresg200-50business_250-48pp-4gsg300-52mpsf250x-24psf250x-48pbusiness_350-48t-4g_firmwaresf200-48p_firmwaresf352-08sg500-28pp_firmwarebusiness_350-24t-4x_firmwarebusiness_350-48fp-4g_firmwaresf250-48business_350-12np-4xbusiness_350-8p-2g_firmwaresg300-20_firmwaresf350-28sfp_firmwaresf250x-24business_350-24fp-4gsf500-48sg200-50fpsg550x-24_firmwaresg250x-48_firmwaresg500-28mppbusiness_350-16p-2g_firmwaresf350-8pd_firmwaresg250-50p_firmwaresf350-48p_firmwarebusiness_350-24xts_firmwaresf350-10mp_firmwaresg355-10mp_firmwarebusiness_350-8p-2gsg350x-24pd_firmwarebusiness_250-24pp-4g_firmwaresf350-08sf250-50sg350-28p_firmwaresg350xg-2f10sg500xg8f8t_firmwaresg350x-8pmd_firmwarebusiness_250-24p-4g_firmwaresf250-26hpbusiness_350-48p-4xbusiness_350-24s-4g_firmwaresg350-10mpbusiness_350-16t-2gsg250-24_firmwaresf550x-24sg500-52p_firmwaresf200-24psf500-48p_firmwaresf350-28business_350-8mgp-2xsf200e-24_firmwarebusiness_350-12xt_firmwarebusiness_250-24fp-4xsf350-48mp_firmwaresg350-28mp_firmwarebusiness_350-24ngp-4xsf200-24sf250-26psg500-28ppsg500x-48pbusiness_350-48xt-4x_firmwaresg250-26_firmwaresf200e-48_firmwarebusiness_350-24ngp-4x_firmwaresg355-10p_firmwaresg500x-48mppsg500x-48p_firmwarebusiness_350-24p-4x_firmwaresg550x-24mp_firmwaresg200-18_firmwarebusiness_350-8mgp-2x_firmwaresf300-48ppsg500x-24_firmwaresf350-10mpsg350xg-24t_firmwaresg550x-48_firmwaresg350x-24p_firmwaresf302-08_firmwaresg250-48_firmwarebusiness_250-8fp-e-2gsg300-10mpsf350-28_firmwaresf350-10p_firmwaresf250-18sf352-08psg300-10ppsf500-18psf350-8mp_firmwarebusiness_350-24t-4gbusiness_350-8p-e-2g_firmwaresg500x-48mpp_firmwaresf350-28p_firmwaresg200-26fpsg200-26p_firmwaresf550x-48sf350-10sg350x-48pv_firmwaresg300-28sg350x-24pdsg200-10fp_firmwaresg550xg-24fbusiness_350-48p-4x_firmwaresg250-08hpbusiness_250-24p-4x_firmwaresf250x-48sg550x-24mpsg350-10business_350-8mp-2x_firmwaresf300-24p_firmwaresg550x-48mpbusiness_350-16p-e-2g_firmwaresg200-50fp_firmwarebusiness_250-24p-4gsg250-26psg300-10pp_firmwaresf500-24sf550x-24psg300-10sf352-08p_firmwaresf300-48p_firmwaresf350-48mpbusiness_350-16t-2g_firmwaresg250-50sg300-10mppbusiness_350-24t-4g_firmwaresg300-28psg350x-24pvbusiness_250-24t-4xsf300-24sf200-48psg200-26psg550x-24pbusiness_250-8t-dbusiness_250-24fp-4gsg200-08_firmwaresg350x-48mpbusiness_350-48t-4xsg500x-24mppsg300-28sfpsg550x-48sf300-48pp_firmwaresg250-08_firmwaresf300-24mpbusiness_250-24t-4gsg350x-24psf350-52_firmwarebusiness_250-48t-4x_firmwaresf350-28sfpbusiness_250-48p-4x_firmwaresf302-08pp_firmwaresf250-48hpbusiness_350-16t-e-2gsg500x-48_firmwaresg200-50_firmwaresg250-26p_firmwaresf300-08_firmwarebusiness_350-48xt-4xsf250-50p_firmwarebusiness_350-16fp-2g_firmwarebusiness_350-48p-4g_firmwaresf500-24_firmwaresf350-08_firmwaresg250-08hp_firmwaresf500-48mp_firmwaresf300-48_firmwaresf355-10pbusiness_350-48fp-4gsg300-28p_firmwareCisco Small Business Smart and Managed Switches 550x_series_stackable_managed_switches_firmware250_series_smart_switches_firmwaresmall_business_500_series_stackable_managed_switches_firmwarebusiness_350_series_managed_switches_firmwaresmall_business_200_series_smart_switches_firmwaresmall_business_300_series_managed_switches_firmwarebusiness_250_series_smart_switches_firmware350x_series_stackable_managed_switches_firmware350_series_managed_switches_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-0612
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.27%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 13:31
Updated-02 Aug, 2024 | 05:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TRENDnet TEW-811DRU httpd basic.asp buffer overflow

A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. Affected is an unknown function of the file /wireless/basic.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-219936.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-811dru_firmwaretew-811druTEW-811DRU
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-48986
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 61.79%
||
7 Day CHG~0.00%
Published-20 Nov, 2024 | 00:00
Updated-26 Nov, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. Certain events cause a callback, the logic for which allocates a buffer (the length of which is determined by looking up the event type in a table). The subsequent write operation, however, copies the amount of data specified in the packet header, which may lead to a buffer overflow. This bug is trivial to exploit for a denial of service but is not certain to suffice to bring the system down and can generally not be exploited further because the exploitable buffer is dynamically allocated.

Action-Not Available
Vendor-n/ambedArm Limited
Product-mbedn/ambed
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-0617
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.88%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 16:45
Updated-02 Aug, 2024 | 05:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TRENDNet TEW-811DRU httpd guestnetwork.asp buffer overflow

A vulnerability was found in TRENDNet TEW-811DRU 1.0.10.0. It has been classified as critical. This affects an unknown part of the file /wireless/guestnetwork.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219957 was assigned to this vulnerability.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-811dru_firmwaretew-811druTEW-811DRU
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-48982
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.27%
||
7 Day CHG~0.00%
Published-20 Nov, 2024 | 00:00
Updated-25 Nov, 2024 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. This value is assumed to be greater than or equal to 3, but the software doesn't ensure that this is the case. Supplying a length less than 3 leads to a buffer overflow in a buffer that is allocated later. It is simultaneously possible to cause another integer overflow by supplying large length values because the provided length value is increased by a few bytes to account for additional information that is supposed to be stored there. This bug is trivial to exploit for a denial of service but is not certain to suffice to bring the system down and can generally not be exploited further because the exploitable buffer is dynamically allocated.

Action-Not Available
Vendor-n/ambedArm Limited
Product-mbedn/ambed
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-46593
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.30%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 00:00
Updated-17 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the trapcomm parameter at cgiswm.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aDrayTek Corp.
Product-vigor3910vigor3910_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-46591
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.53%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 00:00
Updated-19 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sDnsPro parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aDrayTek Corp.
Product-vigor3910_firmwarevigor3910n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 9
  • 10
  • Next
Details not found