Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-27697

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-06 Apr, 2021 | 12:07
Updated At-03 Aug, 2024 | 21:26
Rejected At-
Credits

RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:06 Apr, 2021 | 12:07
Updated At:03 Aug, 2024 | 21:26
Rejected At:
▼CVE Numbering Authority (CNA)

RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/RIOT-OS/RIOT/issues/16062
x_refsource_MISC
Hyperlink: https://github.com/RIOT-OS/RIOT/issues/16062
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/RIOT-OS/RIOT/issues/16062
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/RIOT-OS/RIOT/issues/16062
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:06 Apr, 2021 | 13:15
Updated At:09 Apr, 2021 | 18:06

RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
riot-os
riot-os
>>riot>>2021.01
cpe:2.3:o:riot-os:riot:2021.01:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/RIOT-OS/RIOT/issues/16062cve@mitre.org
Third Party Advisory
Hyperlink: https://github.com/RIOT-OS/RIOT/issues/16062
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1030Records found
CVE-2024-35426
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.20% / 41.74%
||
7 Day CHG+0.02%
Published-08 Nov, 2024 | 00:00
Updated-05 Jun, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vmir e8117 was discovered to contain a stack overflow via the init_local_vars function at /src/vmir_wasm_parser.c.

Action-Not Available
Vendor-lonelycodern/avmir
Product-vmirn/avmir
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-35571
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.76%
||
7 Day CHG~0.00%
Published-20 May, 2024 | 17:20
Updated-17 Mar, 2025 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1806ax1806_firmwaren/aax1806_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4451
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.06% / 18.25%
||
7 Day CHG~0.00%
Published-09 May, 2025 | 01:00
Updated-13 May, 2025 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-619L formSetWAN_Wizard52 buffer overflow

A vulnerability has been found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this vulnerability is the function formSetWAN_Wizard52. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-619ldir-619l_firmwareDIR-619L
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4449
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.06% / 18.25%
||
7 Day CHG~0.00%
Published-09 May, 2025 | 00:31
Updated-13 May, 2025 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-619L formEasySetupWizard3 buffer overflow

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.04B04. This issue affects the function formEasySetupWizard3. The manipulation of the argument wan_connected leads to buffer overflow. The attack may be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-619ldir-619l_firmwareDIR-619L
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4442
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.06% / 18.25%
||
7 Day CHG~0.00%
Published-08 May, 2025 | 23:31
Updated-13 May, 2025 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-605L formSetWAN_Wizard55 buffer overflow

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetWAN_Wizard55. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-605ldir-605l_firmwareDIR-605L
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35977
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.68% / 70.57%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 14:19
Updated-04 Aug, 2024 | 00:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution.

Action-Not Available
Vendor-digin/a
Product-connectport_lts_8\/16\/32connectport_lts_8\/16\/32_firmwareportserver_tsportserver_ts_m_meiconnect_eswr31portserver_ts_mei_hardenedone_iap_family_firmwaretransport_wr11_xtcmtransport_wr11_xt_firmwarepassport_integrated_console_server_firmware6350-sr_firmwareportserver_ts_p_mei_firmwarewr44_rportserver_ts_firmwareone_iawr216350-srconnectport_ts_8\/16_firmwareone_iap_familyconnectport_ts_8\/16cm_firmwarewr21_firmwareportserver_ts_p_meipassport_integrated_console_serverwr31_firmwareportserver_ts_mei_hardened_firmwarewr44_r_firmwareconnect_es_firmwareportserver_ts_meione_ia_firmwarerealportportserver_ts_mei_firmwareportserver_ts_m_mei_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4496
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.19% / 41.73%
||
7 Day CHG~0.00%
Published-10 May, 2025 | 05:00
Updated-29 Jul, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK T10/A3100R/A950RG/A800R/N600R/A3000RU/A810R cstecgi.cgi CloudACMunualUpdate buffer overflow

A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-a3000ru_firmwarea800ra810rt10a800r_firmwarea3100r_firmwarea3100ra950rga3000rut10_firmwaren600rn600r_firmwarea810r_firmwarea950rg_firmwareN600RT10A800RA950RGA3100RA810RA3000RU
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-35099
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.88%
||
7 Day CHG~0.00%
Published-13 May, 2024 | 19:25
Updated-05 May, 2025 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth.

Action-Not Available
Vendor-n/aTOTOLINK
Product-lr350lr350_firmwaren/alr350_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-34945
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.51%
||
7 Day CHG~0.00%
Published-10 May, 2024 | 12:50
Updated-04 Apr, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPW parameter at ip/goform/WizardHandle.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-fh1206fh1206_firmwaren/afh1206_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2006-6024
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 62.95%
||
7 Day CHG~0.00%
Published-21 Nov, 2006 | 23:00
Updated-03 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail stack overflow" and (2) "Eudora WorldMail heap overflow" modules in VulnDisco Pack. NOTE: Some of these details are obtained from third party information. As of 20061118, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-eudora_worldmailn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-3466
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.04%
||
7 Day CHG~0.00%
Published-25 Mar, 2021 | 00:00
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Only version 0.9.70 is vulnerable.

Action-Not Available
Vendor-n/aRed Hat, Inc.GNUFedora Project
Product-enterprise_linuxfedoralibmicrohttpdlibmicrohttpd
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-34552
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.44%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 00:00
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectPython Software Foundation
Product-pillowdebian_linuxfedoran/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-45861
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 32.51%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 00:00
Updated-15 May, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002r_firmwarea3002rn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-34423
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-7.3||HIGH
EPSS-1.60% / 80.94%
||
7 Day CHG~0.00%
Published-24 Nov, 2021 | 16:53
Updated-17 Sep, 2024 | 03:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overflow in Zoom client and other products

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3, Zoom VDI Windows Meeting Client before version 5.8.4, Zoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64) before version 5.8.4.21112, Zoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom Meeting SDK for Android before version 5.7.6.1922, Zoom Meeting SDK for iOS before version 5.7.6.1082, Zoom Meeting SDK for macOS before version 5.7.6.1340, Zoom Meeting SDK for Windows before version 5.7.6.1081, Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2, Zoom On-Premise Meeting Connector Controller before version 4.8.12.20211115, Zoom On-Premise Meeting Connector MMR before version 4.8.12.20211115, Zoom On-Premise Recording Connector before version 5.1.0.65.20211116, Zoom On-Premise Virtual Room Connector before version 4.4.7266.20211117, Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117, Zoom Hybrid Zproxy before version 1.0.1058.20211116, and Zoom Hybrid MMR before version 4.6.20211116.131_x86-64. This can potentially allow a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code.

Action-Not Available
Vendor-Google LLCApple Inc.Microsoft CorporationZoom Communications, Inc.Linux Kernel Organization, Inc
Product-iphone_oszoom_on-premise_meeting_connector_mmrcontrollers_for_zoom_roomsvdi_windows_meeting_clientmeetingsvdi_vmwarewindows_meeting_sdkmacos_meeting_sdkwindows_video_sdkmacos_video_sdkmeetings_for_intunevirtual_desktop_infrastructuremacosmeetings_for_blackberryzoom_on-premise_virtual_room_connectorzoom_on-premise_recording_connectorandroid_meeting_sdkiphone_os_meeting_sdklinux_kernelmeetings_for_chrome_osrooms_for_conference_roomsandroidhybrid_mmrhybrid_zproxyvdi_azure_virtual_desktopzoom_on-premise_virtual_room_connector_load_balancerwindowsandroid_video_sdkzoom_on-premise_meeting_connector_controlleriphone_os_video_sdkvdi_citrixZoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS)Zoom On-Premise Recording ConnectorZoom Hybrid MMRZoom On-Premise Virtual Room ConnectorZoom Video SDK (for Android, iOS, macOS, and Windows)Zoom Meeting SDK for AndroidZoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows)Zoom Meeting SDK for WindowsZoom Meeting SDK for macOSZoom Meeting SDK for iOSZoom VDI Windows Meeting ClientZoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS)Zoom Client for Meetings for Chrome OSZoom Client for Meetings for Blackberry (for Android and iOS)Zoom Hybrid ZproxyZoom Client for Meetings for intune (for Android and iOS)Zoom On-Premise Meeting Connector ControllerZoom On-Premise Meeting Connector MMRZoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows)Zoom On-Premise Virtual Room Connector Load BalancerZoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64)Controllers for Zoom Rooms (for Android, iOS, and Windows)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-34727
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.00% / 76.05%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability

A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hxasr_1000_series_route_processor_\(rp2\)asr_1000_series_route_processor_\(rp3\)1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_1009-xasr_1000-esp100asr_1002ios_xe_sd-wan4000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_1000_seriesasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_router422_integrated_services_routerCisco IOS XE SD-WAN Software
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-33874
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.35% / 56.60%
||
7 Day CHG~0.00%
Published-09 May, 2024 | 16:47
Updated-18 Apr, 2025 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c.

Action-Not Available
Vendor-n/aThe HDF Group
Product-hdf5n/ahdf5
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2005-1987
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-61.14% / 98.25%
||
7 Day CHG~0.00%
Published-13 Oct, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-exchange_serverwindows_server_2003windows_xpwindows_2000n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-33180
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.76%
||
7 Day CHG+0.17%
Published-16 Jul, 2024 | 00:00
Updated-02 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac18_firmwareac18n/aac18
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-4145
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.26% / 49.63%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 00:00
Updated-12 May, 2025 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear EX6200 sub_3D0BC buffer overflow

A vulnerability, which was classified as critical, has been found in Netgear EX6200 1.0.3.94. This issue affects the function sub_3D0BC. The manipulation of the argument host leads to buffer overflow. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-ex6200_firmwareex6200EX6200
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-33278
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.12% / 90.43%
||
7 Day CHG~0.00%
Published-24 Jun, 2024 | 00:00
Updated-02 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in ASUS router RT-AX88U with firmware versions v3.0.0.4.388_24198 allows a remote attacker to execute arbitrary code via the connection_state_machine due to improper length validation for the cookie field.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-n/art-ax88u_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4298
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.13% / 32.92%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 23:31
Updated-13 May, 2025 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC1206 setcfm formSetCfm buffer overflow

A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac1206ac1206_firmwareAC1206
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4299
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.13% / 32.92%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 00:00
Updated-13 May, 2025 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC1206 openSchedWifi setSchedWifi buffer overflow

A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been rated as critical. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac1206ac1206_firmwareAC1206
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-3304
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 65.47%
||
7 Day CHG~0.00%
Published-26 Jan, 2021 | 06:05
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI.

Action-Not Available
Vendor-sagemcomn/a
Product-f\@st_3686f\@st_3686_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-33719
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.56% / 67.13%
||
7 Day CHG~0.00%
Published-14 Sep, 2021 | 10:47
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port 4443/tcp could cause a Denial-of-Service condition or potential remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-siprotec_5_with_cpu_variant_cp300siprotec_5_with_cpu_variant_cp100siprotec_5_with_cpu_variant_cp050SIPROTEC 5 relays with CPU variants CP050SIPROTEC 5 relays with CPU variants CP300SIPROTEC 5 relays with CPU variants CP100
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4160
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.80%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 10:00
Updated-02 May, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server LS Command buffer overflow

A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component LS Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31535
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.60% / 85.03%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 12:26
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.

Action-Not Available
Vendor-n/aFedora ProjectX.Org Foundation
Product-libx11x_window_systemfedoran/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4116
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.26% / 49.30%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 12:31
Updated-16 May, 2025 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear JWNR2000v2 get_cur_lang_ver buffer overflow

A vulnerability, which was classified as critical, has been found in Netgear JWNR2000v2 1.0.0.11. Affected by this issue is the function get_cur_lang_ver. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-jwnr2000jwnr2000_firmwareJWNR2000v2
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4254
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 26.43%
||
7 Day CHG~0.00%
Published-04 May, 2025 | 23:31
Updated-16 May, 2025 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server LIST Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component LIST Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4237
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.80%
||
7 Day CHG~0.00%
Published-03 May, 2025 | 15:00
Updated-06 May, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server MDELETE Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MDELETE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4114
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.26% / 49.30%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 12:00
Updated-28 May, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear JWNR2000v2 check_language_file buffer overflow

A vulnerability classified as critical has been found in Netgear JWNR2000v2 1.0.0.11. Affected is the function check_language_file. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-jwnr2000jwnr2000_firmwareJWNR2000v2
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31895
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.1||HIGH
EPSS-2.33% / 84.19%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:02
Updated-13 May, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.7), RUGGEDCOM i801 (All versions < V4.3.7), RUGGEDCOM i802 (All versions < V4.3.7), RUGGEDCOM i803 (All versions < V4.3.7), RUGGEDCOM M2100 (All versions < V4.3.7), RUGGEDCOM M2200 (All versions < V4.3.7), RUGGEDCOM M969 (All versions < V4.3.7), RUGGEDCOM RMC30 (All versions < V4.3.7), RUGGEDCOM RMC8388 V4.X (All versions < V4.3.7), RUGGEDCOM RMC8388 V5.X (All versions < V5.5.4), RUGGEDCOM RP110 (All versions < V4.3.7), RUGGEDCOM RS1600 (All versions < V4.3.7), RUGGEDCOM RS1600F (All versions < V4.3.7), RUGGEDCOM RS1600T (All versions < V4.3.7), RUGGEDCOM RS400 (All versions < V4.3.7), RUGGEDCOM RS401 (All versions < V4.3.7), RUGGEDCOM RS416 (All versions < V4.3.7), RUGGEDCOM RS416P (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.5.4), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416v2 V5.X (All versions < 5.5.4), RUGGEDCOM RS8000 (All versions < V4.3.7), RUGGEDCOM RS8000A (All versions < V4.3.7), RUGGEDCOM RS8000H (All versions < V4.3.7), RUGGEDCOM RS8000T (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900G (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900GP (All versions < V4.3.7), RUGGEDCOM RS900L (All versions < V4.3.7), RUGGEDCOM RS900W (All versions < V4.3.7), RUGGEDCOM RS910 (All versions < V4.3.7), RUGGEDCOM RS910L (All versions < V4.3.7), RUGGEDCOM RS910W (All versions < V4.3.7), RUGGEDCOM RS920L (All versions < V4.3.7), RUGGEDCOM RS920W (All versions < V4.3.7), RUGGEDCOM RS930L (All versions < V4.3.7), RUGGEDCOM RS930W (All versions < V4.3.7), RUGGEDCOM RS940G (All versions < V4.3.7), RUGGEDCOM RS969 (All versions < V4.3.7), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2100P (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2100PNC (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100PNC (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2200 (All versions < V4.3.7), RUGGEDCOM RSG2288 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2288 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300P V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300P V5.X (All versions < V5.5.4), RUGGEDCOM RSG2488 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2488 V5.X (All versions < V5.5.4), RUGGEDCOM RSG907R (All versions < V5.5.4), RUGGEDCOM RSG908C (All versions < V5.5.4), RUGGEDCOM RSG909R (All versions < V5.5.4), RUGGEDCOM RSG910C (All versions < V5.5.4), RUGGEDCOM RSG920P V4.X (All versions < V4.3.7), RUGGEDCOM RSG920P V5.X (All versions < V5.5.4), RUGGEDCOM RSL910 (All versions < V5.5.4), RUGGEDCOM RST2228 (All versions < V5.5.4), RUGGEDCOM RST2228P (All versions < V5.5.4), RUGGEDCOM RST916C (All versions < V5.5.4), RUGGEDCOM RST916P (All versions < V5.5.4). The DHCP client in affected devices fails to properly sanitize incoming DHCP packets. This could allow an unauthenticated remote attacker to cause memory to be overwritten, potentially allowing remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_ros_rmc20ruggedcom_ros_rsg2100ruggedcom_rs8000ruggedcom_rs910ruggedcom_rsg900ruggedcom_ros_rs900gpruggedcom_ros_i800ruggedcom_ros_rs8000ruggedcom_rs900gruggedcom_rsg900cruggedcom_rsg2300ruggedcom_ros_rs401ruggedcom_ros_i801ruggedcom_ros_rmc30ruggedcom_rp110ruggedcom_rsg900gruggedcom_rst2228ruggedcom_rs900gpruggedcom_ros_rs920wruggedcom_rsg2200ruggedcom_ros_rmc40ruggedcom_rs910wruggedcom_rsg2488ruggedcom_rst916pruggedcom_m2200ruggedcom_ros_rs416ruggedcom_rs920lruggedcom_rsg2100ruggedcom_rs8000aruggedcom_ros_m969ruggedcom_rsg920pruggedcom_rmc40ruggedcom_rs900lruggedcom_ros_rsg2100pruggedcom_rmc20ruggedcom_ros_rs969ruggedcom_ros_rs910lruggedcom_ros_rsg2288ruggedcom_rsg900rruggedcom_ros_i802ruggedcom_rmcruggedcom_rs401ruggedcom_ros_rs900wruggedcom_ros_rsg900cruggedcom_rs900ruggedcom_rs930lruggedcom_rs920wruggedcom_ros_i803ruggedcom_ros_rmc8388ruggedcom_rs416ruggedcom_ros_rs8000truggedcom_ros_rs900ruggedcom_ros_rsg900rruggedcom_ros_rst2228ruggedcom_rs930wruggedcom_ros_rs910wruggedcom_ros_rs900gruggedcom_ros_rsg2300ruggedcom_ros_rs416v2ruggedcom_rsg2300pruggedcom_rmc30ruggedcom_ros_rsg900gruggedcom_rs969ruggedcom_ros_rs940gruggedcom_rs416v2ruggedcom_i803ruggedcom_ros_rs900lruggedcom_i802ruggedcom_ros_rs8000hruggedcom_rs8000hruggedcom_rs400ruggedcom_ros_rsg920pruggedcom_rs940gruggedcom_i801ruggedcom_ros_rsl910ruggedcom_rs8000truggedcom_ros_rst916pruggedcom_rsl910ruggedcom_ros_rp110ruggedcom_ros_rsg2300pruggedcom_ros_rs910ruggedcom_ros_rst916cruggedcom_ros_rs400ruggedcom_rsg2288ruggedcom_m2100ruggedcom_ros_rs930lruggedcom_ros_m2100ruggedcom_rst916cruggedcom_ros_m2200ruggedcom_ros_rsg2200ruggedcom_ros_rmc41ruggedcom_rs900wruggedcom_ros_rs8000aruggedcom_m969ruggedcom_ros_rsg900ruggedcom_ros_rs920lruggedcom_rmc41ruggedcom_ros_rmcruggedcom_rmc8388ruggedcom_ros_rsg2488ruggedcom_rsg2100pruggedcom_i800ruggedcom_rs910lruggedcom_ros_rs930wRUGGEDCOM RS910WRUGGEDCOM M969RUGGEDCOM RS1600FRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSL910RUGGEDCOM RSG2300 V5.XRUGGEDCOM RS400RUGGEDCOM RST2228RUGGEDCOM i803RUGGEDCOM RSG920P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RMC30RUGGEDCOM i800RUGGEDCOM RMC8388 V5.XRUGGEDCOM RS910LRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RS930WRUGGEDCOM RS969RUGGEDCOM i802RUGGEDCOM RS1600RUGGEDCOM RSG2288 V5.XRUGGEDCOM RS900GRUGGEDCOM RS416v2 V4.XRUGGEDCOM RS920WRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSG2100PRUGGEDCOM RSG2100P (32M) V5.XRUGGEDCOM RMC8388 V4.XRUGGEDCOM RP110RUGGEDCOM RSG2100RUGGEDCOM RS8000ARUGGEDCOM RS900WRUGGEDCOM RSG2200RUGGEDCOM M2200RUGGEDCOM RS940GRUGGEDCOM RSG2300P V4.XRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS8000TRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM RST2228PRUGGEDCOM RSG908CRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RS900GPRUGGEDCOM RSG2300P V5.XRUGGEDCOM RST916PRUGGEDCOM RS920LRUGGEDCOM RS900LRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600TRUGGEDCOM RS8000RUGGEDCOM RS401RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RST916CRUGGEDCOM RSG2488 V5.XRUGGEDCOM RSG2488 V4.XRUGGEDCOM i801RUGGEDCOM RS930LRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG909RRUGGEDCOM RSG920P V5.XRUGGEDCOM RS910RUGGEDCOM M2100RUGGEDCOM RSG907RRUGGEDCOM RS416RUGGEDCOM RS416PRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS8000HRUGGEDCOM RSG2288 V4.XRUGGEDCOM RSG910CRUGGEDCOM RSG2100P (32M) V4.X
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-4148
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.26% / 49.63%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 03:00
Updated-12 May, 2025 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear EX6200 sub_503FC buffer overflow

A vulnerability was found in Netgear EX6200 1.0.3.94 and classified as critical. Affected by this issue is the function sub_503FC. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-ex6200_firmwareex6200EX6200
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4149
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.26% / 49.63%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 04:00
Updated-19 May, 2025 | 11:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear EX6200 sub_54014 buffer overflow

A vulnerability was found in Netgear EX6200 1.0.3.94. It has been classified as critical. This affects the function sub_54014. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-ex6200_firmwareex6200EX6200
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4181
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 26.43%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 22:31
Updated-13 May, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server SEND Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component SEND Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4184
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.80%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 23:31
Updated-02 May, 2025 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server QUOTE Command buffer overflow

A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component QUOTE Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-3119
Matching Score-4
Assigner-Pentraze Cybersecurity
ShareView Details
Matching Score-4
Assigner-Pentraze Cybersecurity
CVSS Score-9||CRITICAL
EPSS-1.40% / 79.67%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 23:55
Updated-03 Feb, 2025 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-Buffer Overflow in 'Call-ID' and 'X-Call-ID' SIP Header Processing in sngrep

A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the data length. This flaw allows remote attackers to execute arbitrary code or cause a denial of service (DoS) through specially crafted SIP messages.

Action-Not Available
Vendor-irontecirontecirontec
Product-sngrepsngrepsngrep
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-4289
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 26.43%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 21:00
Updated-16 May, 2025 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server RNTO Command buffer overflow

A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component RNTO Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4140
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.26% / 49.63%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 21:31
Updated-12 May, 2025 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear EX6120 sub_30394 buffer overflow

A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Affected by this issue is the function sub_30394. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-ex6120ex6120_firmwareEX6120
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4142
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.26% / 49.63%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 22:31
Updated-12 May, 2025 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear EX6200 sub_3C8EC buffer overflow

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub_3C8EC. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-ex6120ex6200_firmwareEX6200
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30321
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.27%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:16
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-aqt1000_firmwareqca2066wcd9380_firmwarewsa8830qca1062_firmwarewcn6851_firmwarewcn6856_firmwaresc8280xp_firmwareqca6430wsa8835wcd9340wsa8810_firmwarewcd9380wcd9341_firmwareqca6420_firmwarewsa8810wcn6855wcn6851wcn6856wcn6855_firmwarewcd9385wcd9341qca2066_firmwareqca6430_firmwareqca1064_firmwarewcn3998qca1062sd_8cx_firmwareqca6391_firmwarewcd9385_firmwaresd_8cxaqt1000wcd9340_firmwarewsa8815sc8280xpwcn6850qca6320wsa8830_firmwareqca1064wsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6320_firmwarewcn3998_firmwareqca6391qca6420Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4252
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 26.43%
||
7 Day CHG~0.00%
Published-04 May, 2025 | 22:31
Updated-16 May, 2025 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server APPEND Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component APPEND Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-30635
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 57.96%
||
7 Day CHG~0.00%
Published-29 Mar, 2024 | 00:00
Updated-25 Mar, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability located in the funcpara1 parameter in the formSetCfm function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-f1202_firmwaref1202n/af1202
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4183
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 26.43%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 23:00
Updated-02 May, 2025 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server RECV Command buffer overflow

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RECV Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-3915
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.57% / 67.47%
||
7 Day CHG~0.00%
Published-13 Dec, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-30593
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 57.96%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 00:00
Updated-10 Apr, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-fh1202fh1202_firmwaren/afh1202
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4161
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.80%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 10:31
Updated-02 May, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server VERBOSE Command buffer overflow

A vulnerability classified as critical has been found in PCMan FTP Server up to 2.0.7. This affects an unknown part of the component VERBOSE Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4288
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 26.43%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 20:31
Updated-16 May, 2025 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server RNFR Command buffer overflow

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RNFR Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4290
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 26.43%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 21:31
Updated-16 May, 2025 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server SMNT Command buffer overflow

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component SMNT Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-29243
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 48.95%
||
7 Day CHG~0.00%
Published-21 Mar, 2024 | 00:00
Updated-17 Jun, 2025 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at /apply.cgi.

Action-Not Available
Vendor-szlbtn/aszlbt
Product-lbt-t300-mini1lbt-t300-mini1_firmwaren/albt-t300-mini_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-28639
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.45% / 87.06%
||
7 Day CHG~0.00%
Published-16 Mar, 2024 | 00:00
Updated-26 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022, allow remote attackers to execute arbitrary code and cause a denial of service (DoS) via the IP field.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a7000rx5000r_firmwarea7000r_firmwarex5000rn/ax5000r_firmwarea7000r_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 20
  • 21
  • Next
Details not found