Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-24025

Summary
Assigner-talos
Assigner Org ID-b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At-05 Aug, 2022 | 21:16
Updated At-15 Apr, 2025 | 18:54
Rejected At-
Credits

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the sntp binary.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:talos
Assigner Org ID:b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At:05 Aug, 2022 | 21:16
Updated At:15 Apr, 2025 | 18:54
Rejected At:
▼CVE Numbering Authority (CNA)

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the sntp binary.

Affected Products
Vendor
TCLTCL
Product
LinkHub Mesh Wifi
Versions
Affected
  • MS1G_00_01.00_14
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.09.6CRITICAL
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Version: 3.0
Base score: 9.6
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1463
x_refsource_MISC
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1463
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1463
x_refsource_MISC
x_transferred
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1463
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:talos-cna@cisco.com
Published At:05 Aug, 2022 | 22:15
Updated At:09 Aug, 2022 | 19:25

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the sntp binary.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.09.6CRITICAL
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 9.6
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CPE Matches
TCL
tcl
>>linkhub_mesh_wifi_ac1200>>ms1g_00_01.00_14
cpe:2.3:o:tcl:linkhub_mesh_wifi_ac1200:ms1g_00_01.00_14:*:*:*:*:*:*:*
TCL
tcl
>>linkhub_mesh_wifi_ac1200>>-
cpe:2.3:h:tcl:linkhub_mesh_wifi_ac1200:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarytalos-cna@cisco.com
CWE ID: CWE-120
Type: Primary
Source: talos-cna@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1463talos-cna@cisco.com
Exploit
Technical Description
Third Party Advisory
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1463
Source: talos-cna@cisco.com
Resource:
Exploit
Technical Description
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

954Records found
CVE-2021-43303
Matching Score-4
Assigner-JFrog
ShareView Details
Matching Score-4
Assigner-JFrog
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.64%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 00:00
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied

Action-Not Available
Vendor-teluuteluuDebian GNU/Linux
Product-debian_linuxpjsippjsip
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5156
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.13% / 32.95%
||
7 Day CHG~0.00%
Published-25 May, 2025 | 22:00
Updated-03 Jun, 2025 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
H3C GR-5400AX aspForm EditWlanMacList buffer overflow

A vulnerability was found in H3C GR-5400AX up to 100R008 and classified as critical. Affected by this issue is the function EditWlanMacList of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-New H3C Technologies Co., Ltd.
Product-gr-5400axgr-5400ax_firmwareGR-5400AX
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5050
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 18:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server BELL Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been rated as critical. This issue affects some unknown processing of the component BELL Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5073
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 11:00
Updated-05 Jun, 2025 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server MKDIR Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. This issue affects some unknown processing of the component MKDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-42774
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.07%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 01:17
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform various attacks. In non-secure mode, the user is unauthenticated.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-emulex_hba_managern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5109
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-23 May, 2025 | 13:00
Updated-20 Jun, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server STATUS Command buffer overflow

A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11984
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-80.22% / 99.08%
||
7 Day CHG~0.00%
Published-07 Aug, 2020 | 15:27
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE

Action-Not Available
Vendor-n/aCanonical Ltd.The Apache Software FoundationNetApp, Inc.openSUSEFedora ProjectDebian GNU/LinuxOracle Corporation
Product-http_serverclustered_data_ontapubuntu_linuxdebian_linuxinstantis_enterprisetrackfedoracommunications_session_route_managerzfs_storage_appliance_kitcommunications_session_report_managerhyperion_infrastructure_technologyenterprise_manager_ops_centercommunications_element_managerleapApache HTTP Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5220
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 01:31
Updated-09 Jun, 2025 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server GET Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the component GET Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5053
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 21:00
Updated-10 Jun, 2025 | 19:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server MDIR Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component MDIR Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5049
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 18:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server APPEND Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. This vulnerability affects unknown code of the component APPEND Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5218
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 01:00
Updated-05 Jun, 2025 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server LITERAL Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0.0. Affected is an unknown function of the component LITERAL Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-12125
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.94% / 90.29%
||
7 Day CHG~0.00%
Published-02 Oct, 2020 | 08:12
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication.

Action-Not Available
Vendor-n/aWAVLINK Technology Ltd.
Product-wn530h4wn530h4_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-43636
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 58.42%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 17:55
Updated-04 Aug, 2024 | 04:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two Buffer Overflow vulnerabilities exists in T10 V2_Firmware V4.1.8cu.5207_B20210320 in the http_request_parse function when processing host data in the HTTP request process.

Action-Not Available
Vendor-n/aTOTOLINK
Product-t10_v2t10_v2_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5052
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 21:00
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server LS Command buffer overflow

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component LS Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-51630
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 51.80%
||
7 Day CHG+0.08%
Published-17 Jul, 2025 | 00:00
Updated-18 Jul, 2025 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a buffer overflow via the ePort parameter in the function setIpPortFilterRules.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n350rt_firmwaren350rtn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5051
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 20:00
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server BINARY Command buffer overflow

A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component BINARY Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5111
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-23 May, 2025 | 14:00
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server TYPE Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component TYPE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5217
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 00:31
Updated-05 Jun, 2025 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server RMDIR Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0.0. This issue affects some unknown processing of the component RMDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5075
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 12:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server DEBUG Command buffer overflow

A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component DEBUG Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-41751
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-05 Apr, 2022 | 15:37
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5219
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 01:00
Updated-09 Jun, 2025 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server ASCII Command buffer overflow

A vulnerability has been found in FreeFloat FTP Server 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component ASCII Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-3662
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.06%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur while parsing eac3 header while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sxr2130qcs605_firmwaresdm636apq8098qcs605sdm429_firmwareqca6574au_firmwaresda660apq8009msm8909wapq8053_firmwaremsm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630sm8250_firmwareqcs405qca6574auqm215apq8017_firmwaremsm8996_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017msm8996saipansdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5074
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 12:00
Updated-05 Jun, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server PROMPT Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component PROMPT Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2013-1595
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.88% / 87.78%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 17:10
Updated-06 Aug, 2024 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service.

Action-Not Available
Vendor-vivotekn/a
Product-pt7135_firmwarept7135n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3681
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 25.64%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 10:00
Updated-29 Apr, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server MODE Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MODE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5110
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-23 May, 2025 | 13:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server VERBOSE Command buffer overflow

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component VERBOSE Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3724
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 25.64%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 19:31
Updated-12 May, 2025 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server DIR Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component DIR Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5076
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 13:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server SEND Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this issue is some unknown functionality of the component SEND Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4871
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 10:31
Updated-12 Jun, 2025 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server REST Command buffer overflow

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component REST Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-6789
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-84.96% / 99.30%
||
7 Day CHG~0.00%
Published-08 Feb, 2018 | 23:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

Action-Not Available
Vendor-n/aCanonical Ltd.EximDebian GNU/Linux
Product-debian_linuxubuntu_linuxeximn/aExim
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2013-1592
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-68.89% / 98.57%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 18:58
Updated-06 Aug, 2024 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code.

Action-Not Available
Vendor-n/aSAP SE
Product-netweavern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4847
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 01:31
Updated-04 Jun, 2025 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server MLS Command buffer overflow

A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component MLS Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-4257
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-7.6||HIGH
EPSS-0.43% / 61.84%
||
7 Day CHG~0.00%
Published-13 Oct, 2023 | 21:09
Updated-13 Feb, 2025 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unchecked user input length in the Zephyr WiFi shell module

Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows.

Action-Not Available
Vendor-Zephyr Project
Product-zephyrZephyr
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2020-3910
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.17% / 77.86%
||
7 Day CHG~0.00%
Published-01 Apr, 2020 | 17:54
Updated-04 Aug, 2024 | 07:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

Action-Not Available
Vendor-Apple Inc.
Product-itunesiphone_oswatchosipadostvosmac_os_xicloudiTunes for WindowswatchOSiCloud for WindowsmacOSiOSiCloud for Windows (Legacy)tvOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-14948
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.78% / 89.05%
||
7 Day CHG~0.00%
Published-14 Oct, 2019 | 17:03
Updated-05 Aug, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with ''boundary=' followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-895r_firmwaredir-885ldir-868l_firmwaredir-885l_firmwaredir-895l_firmwaredir-880ldir-890l_firmwaredir-868ldir-895ldir-880l_firmwaredir-890ldir-895rn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43548
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.14% / 35.37%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Video

Memory corruption while parsing qcp clip with invalid chunk data size.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gsxr1120qca6595qcs610_firmwarewcd9335wcd9370snapdragon_670_mobileqca6696wcd9340_firmwarewcd9341_firmwaresnapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700wcn3610snapdragon_780g_5g_mobilesnapdragon_685_4g_mobilesa4150psnapdragon_782g_mobile_firmwaresnapdragon_wear_4100\+_firmwarewsa8832_firmwaresnapdragon_665_mobile_firmwareqca6574au_firmwaresnapdragon_690_5g_mobile_firmwareqcn7606_firmwareqam8295pwcd9341qca6574ausnapdragon_888\+_5g_mobile_firmwarewsa8810_firmwaresd730_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hwcn3660b_firmwaresd730snapdragon_690_5g_mobilefastconnect_6800_firmwaresd835_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770psnapdragon_678_mobile_firmwaressg2115psnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwaresnapdragon_wear_4100\+fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsnapdragon_730_mobile_firmwarewcd9385_firmwareqca6310qam8255p_firmwareqcs4490snapdragon_730_mobilesnapdragon_680_4g_mobilesa6155pwsa8810qam8650psnapdragon_835_mobilesa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwaresnapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwaresnapdragon_845_mobile_firmwarewcd9326_firmwaresrv1m_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesd835snapdragon_x55_5g_modem-rfsnapdragon_4_gen_2_mobile_firmwaresnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3910_firmwaresnapdragon_460_mobileqca6420wcn3910wcd9370_firmwaresnapdragon_835_mobile_firmwarewcn3660bqca6574asa8195pwcd9340qcm2290qcm6490wcn3988snapdragon_765_5g_mobile_firmwaresnapdragon_662_mobilesa8775pqca6574sxr2230p_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaresa8775p_firmwareqamsrv1hsa6150pwcd9326qcs410qcm2290_firmwaresa8155p_firmwaresa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwareqamsrv1m_firmwaresnapdragon_4_gen_2_mobilesa8650p_firmwaresnapdragon_865\+_5g_mobile_firmwareqca6698aqssg2125p_firmwaresm6250wcn3950_firmwaresnapdragon_480\+_5g_mobilefastconnect_6200sd670wcn3680bsa8145p_firmwaresm7325p_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_660_mobile_firmwaresa8150p_firmwarefastconnect_6700_firmwaresnapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwareqcs6490snapdragon_695_5g_mobilesnapdragon_855_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqca6678aq_firmwaresd660_firmwarewsa8832snapdragon_480_5g_mobilesrv1mqca6678aqsnapdragon_860_mobile_firmwaresnapdragon_778g\+_5g_mobileqca6320sa4150p_firmwaresd888_firmwarewsa8815_firmwaresa8195p_firmwareqcm4290snapdragon_xr2\+_gen_1qcm6490_firmwaresnapdragon_665_mobilesm7250p_firmwareqcm4490_firmwarewcn3950snapdragon_870_5g_mobile_firmwaresnapdragon_730g_mobile_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobilesnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesnapdragon_678_mobilesa4155p_firmwaresnapdragon_720g_mobilesm6250_firmwaresm7250pqca6320_firmwaresd888snapdragon_675_mobile_firmwaresw5100_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwareqca6310_firmwaresnapdragon_845_mobilefastconnect_6800qca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psnapdragon_xr2_5gsa8150psxr1230psw5100video_collaboration_vc3_platformaqt1000snapdragon_4_gen_1_mobile_firmwareqam8295p_firmwaresd855wcn3990_firmwaresm7315snapdragon_660_mobileqca6698aq_firmwareqcs2290snapdragon_888\+_5g_mobileqcn7606wcd9385qcs2290_firmwaresnapdragon_8_gen_1_mobilesnapdragon_xr2\+_gen_1_firmwaresnapdragon_680_4g_mobile_firmwarewcn3610_firmwaresa8255pqcs4290sxr1230p_firmwaresnapdragon_865\+_5g_mobileqca6430snapdragon_855\+_mobilesnapdragon_765_5g_mobilesnapdragon_860_mobilessg2125pqcm4490snapdragon_480\+_5g_mobile_firmwareqamsrv1msm7325psnapdragon_732g_mobile_firmwareqam8650p_firmwaresnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwarewcn3980_firmwarewsa8835qca6595au_firmwareqca6391_firmwareqcs610sw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarewsa8815sd660sd_8_gen1_5gqam8775pqca6574a_firmwaresnapdragon_4_gen_1_mobileqcm4290_firmwaresnapdragon_720g_mobile_firmwaresnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca6391snapdragon_710_mobilesa8770p_firmwaresa8295pfastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresnapdragon_xr1wcd9375snapdragon_765g_5g_mobilewcn3988_firmwareqamsrv1h_firmwaresa8145psnapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwaressg2115p_firmwarewcn3980wcn3680b_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqca6574a_firmwaresnapdragon_4_gen_1_mobile_platform_firmwarewcn3980_firmwaresnapdragon_720g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8832_firmwareqcs4490_firmwarewcn3660b_firmwareqca6696_firmwaresa8150p_firmwaresa8775p_firmwaresd888_firmwaresrv1h_firmwaresd855_firmwaresd670_firmwaresnapdragon_780g_5g_mobile_platform_firmwarewsa8835_firmwaresnapdragon_xr1_platform_firmwaresa8255p_firmwaresm7325p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqca6595au_firmwaresnapdragon_660_mobile_platform_firmwaresnapdragon_855_mobile_platform_firmwareqcm6490_firmwareaqt1000_firmwareqamsrv1h_firmwareqcs6490_firmwaresa8155p_firmwarefastconnect_6200_firmwaresa4155p_firmwaresa6145p_firmwaresnapdragon_835_mobile_pc_platform_firmwaresa8295p_firmwaresm6250_firmwareqca6420_firmwaresnapdragon_845_mobile_platform_firmwaresa4150p_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa6150p_firmwaresxr1230p_firmwaresm7250p_firmwareqca6391_firmwaresnapdragon_675_mobile_platform_firmwaresm7315_firmwareqca6698aq_firmwaresnapdragon_680_4g_mobile_platform_firmwarefastconnect_6900_firmwaresa8770p_firmwaresd835_firmwarewcd9385_firmwarewcd9370_firmwarewcd9380_firmwareqam8775p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewsa8810_firmwaresnapdragon_710_mobile_platform_firmwarewcn3610_firmwarefastconnect_7800_firmwaresxr1120_firmwaresw5100p_firmwarewcd9341_firmwaresd730_firmwaresnapdragon_865_5g_mobile_platform_firmwarewsa8830_firmwaresxr2230p_firmwaressg2125p_firmwareqam8295p_firmwaressg2115p_firmwareqca6320_firmwareqca6574_firmwarewcd9335_firmwareqamsrv1m_firmwareqca6595_firmwaresa8145p_firmwarewcd9326_firmwareqam8650p_firmwareqcm4490_firmwareqcm2290_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcn3950_firmwaresnapdragon_480_5g_mobile_platform_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_662_mobile_platform_firmwareqcs4290_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresrv1m_firmwareqcs610_firmwarewsa8815_firmwareqcs2290_firmwaresnapdragon_460_mobile_platform_firmwarewcn3990_firmwaresa8195p_firmwarewcn3680b_firmwarewcn3910_firmwareqcn7606_firmwaresnapdragon_690_5g_mobile_platform_firmwaresw5100_firmwaresa9000p_firmwarewcd9340_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6430_firmwaresd865_5g_firmwarefastconnect_6800_firmwaresnapdragon_665_mobile_platform_firmwaresd660_firmwareqca6574au_firmwareqcs410_firmwareqam8255p_firmwaresa6155p_firmwareqca6310_firmwareqcm4290_firmwaresa8650p_firmwareqca6678aq_firmwarewcn6740_firmwaresd_8_gen1_5g_firmwarewcd9375_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-4872
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 11:00
Updated-12 Jun, 2025 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server CCC Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component CCC Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4848
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 02:00
Updated-04 Jun, 2025 | 20:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server RECV Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RECV Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4845
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 00:31
Updated-04 Jun, 2025 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server TRACE Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component TRACE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-34832
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.13% / 33.82%
||
7 Day CHG~0.00%
Published-16 Jun, 2023 | 00:00
Updated-13 Feb, 2025 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-archer_ax10_firmwarearcher_ax10n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4844
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 00:00
Updated-04 Jun, 2025 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server CD Command buffer overflow

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43519
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.11% / 29.60%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Video

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gqca6595qcs610_firmwarewcd9335wcd9370qca6696wcd9340_firmwarewcd9341_firmwaresnapdragon_730_mobile_platformwcn6740_firmwarefastconnect_6700wcn3610snapdragon_768g_5g_mobile_platform_firmwaresa4150pwsa8832_firmwaresnapdragon_460_mobile_platformqca6574au_firmwareqcn7606_firmwareqam8295pwcd9341qca6574auwsa8810_firmwaresd730_firmwaresa9000p_firmwaresrv1hsnapdragon_835_mobile_pc_platform_firmwarewcn3660b_firmwaresd730snapdragon_730g_mobile_platform_firmwarefastconnect_6800_firmwaresd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_778g\+_5g_mobile_platformsa8770pssg2115psnapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwarefastconnect_6900snapdragon_765g_5g_mobile_platformvideo_collaboration_vc1_platformwcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemqca6310qam8255p_firmwaresnapdragon_888_5g_mobile_platform_firmwareqcs4490snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_685_4g_mobile_platformsa6155psnapdragon_768g_5g_mobile_platformwsa8810qam8650psa9000psrv1h_firmwareqca6595ausm7315_firmwaresa6155p_firmwaresrv1m_firmwaresd835snapdragon_870_5g_mobile_platform_firmwaresnapdragon_wear_4100\+_platform_firmwaresnapdragon_8\+_gen_1_mobile_platformqcs4490_firmwarewcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_855\+\/860_mobile_platform_firmwareqca6420wcn3910wcd9370_firmwaresnapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_660_mobile_platformwcn3660bqca6574asa8195pwcd9340qcm2290qcm6490wcn3988sa8775pqca6574snapdragon_460_mobile_platform_firmwaresxr2230p_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformsa8775p_firmwareqamsrv1hsa6150pqcs410qcm2290_firmwaresa8155p_firmwaresa8155psnapdragon_675_mobile_platformwsa8830snapdragon_662_mobile_platformsa6145psnapdragon_8\+_gen_1_mobile_platform_firmwaresnapdragon_765_5g_mobile_platformsa8255p_firmwaresnapdragon_665_mobile_platformqamsrv1m_firmwaresa8650p_firmwaresnapdragon_678_mobile_platform_firmwareqca6698aqssg2125p_firmwaresm6250wcn3950_firmwaresnapdragon_8_gen_1_mobile_platformfastconnect_6200wcn3680bsa8145p_firmwaresm7325p_firmwaresnapdragon_730g_mobile_platformsnapdragon_888\+_5g_mobile_platformsa8150p_firmwaresnapdragon_855\+\/860_mobile_platformsnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_680_4g_mobile_platform_firmwareqcs6490fastconnect_6200_firmwarewsa8830_firmwaresd660_firmwarewsa8832srv1msnapdragon_675_mobile_platform_firmwaresnapdragon_730_mobile_platform_firmwaresnapdragon_888_5g_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6320sa4150p_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwarewsa8815_firmwaresa8195p_firmwareqcm4290snapdragon_680_4g_mobile_platformqcm6490_firmwaresm7250p_firmwareqcm4490_firmwaresnapdragon_855_mobile_platformwcn3950snapdragon_xr2_5g_platformsnapdragon_7c\+_gen_3_computesnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_780g_5g_mobile_platformsa8295p_firmwaresa4155p_firmwaresnapdragon_720g_mobile_platformsm6250_firmwaresm7250psnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqca6320_firmwaresd888snapdragon_4_gen_2_mobile_platformsw5100_firmwaresnapdragon_765_5g_mobile_platform_firmwarewcn6740qca6310_firmwarefastconnect_6800qca6595_firmwaresnapdragon_685_4g_mobile_platform_firmwarefastconnect_7800_firmwaresnapdragon_782g_mobile_platform_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psnapdragon_732g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_4_gen_1_mobile_platformsa8150psnapdragon_778g_5g_mobile_platformsnapdragon_665_mobile_platform_firmwaresnapdragon_835_mobile_pc_platformsxr1230psnapdragon_865\+_5g_mobile_platformsw5100video_collaboration_vc3_platformaqt1000snapdragon_865_5g_mobile_platform_firmwareqam8295p_firmwaresd855wcn3990_firmwaresm7315qca6698aq_firmwareqcs2290wcd9385qcn7606qcs2290_firmwarewcn3610_firmwaresnapdragon_678_mobile_platformsa8255psnapdragon_720g_mobile_platform_firmwareqcs4290sxr1230p_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformqca6430ssg2125pqcm4490qamsrv1msnapdragon_xr2\+_gen_1_platformsm7325pqam8650p_firmwaresnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwarewcn3980_firmwaresnapdragon_480_5g_mobile_platform_firmwarewsa8835qca6595au_firmwareqca6391_firmwaresw5100p_firmwaresnapdragon_732g_mobile_platformsnapdragon_782g_mobile_platformqca6696_firmwareqcs4290_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwareqca6574_firmwarewsa8815sd660sd_8_gen1_5gqam8775pqca6574a_firmwareqcm4290_firmwaresnapdragon_480\+_5g_mobile_platformsd_8_gen1_5g_firmwarewcd9375_firmwareqca6391snapdragon_778g_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platformsa8770p_firmwaresa8295pfastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375wcn3988_firmwareqamsrv1h_firmwaresa8145psnapdragon_wear_4100\+_platformsnapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_660_mobile_platform_firmwarewcn3980snapdragon_690_5g_mobile_platform_firmwarewcn3680b_firmwareqcs610Snapdragonqcm2290_firmwareqam8255p_firmwarequalcomm_video_collaboration_vc1_platform_firmwaresnapdragon_662_mobile_platform_firmwarewcd9380_firmwaresa6150p_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresxr1230p_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3990_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqamsrv1h_firmwareqca6574_firmwaresd_8_gen1_5g_firmwarewcd9340_firmwaresm7325p_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwarewcn3660b_firmwaresa9000p_firmwareqca6320_firmwaresm7315_firmwareqca6574au_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3680b_firmwarewcd9375_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresm7250p_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwaresnapdragon_680_4g_mobile_platform_firmwareaqt1000_firmwarewcn6740_firmwaresa6155p_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcs4490_firmwaresa8775p_firmwareqcm6490_firmwaresa8650p_firmwaresa4155p_firmwarewsa8832_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcn7606_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresa8255p_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwaresd835_firmwareqcs4290_firmwaresa8770p_firmwareqam8650p_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqca6391_firmwaresnapdragon_665_mobile_platform_firmwaresa4150p_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresm6250_firmwaresd888_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresd660_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaressg2115p_firmwaresw5100_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwaresnapdragon_720g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-15222
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-81.59% / 99.14%
||
7 Day CHG~0.00%
Published-24 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.

Action-Not Available
Vendor-nftp_projectn/a
Product-nftpn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-6862
Matching Score-4
Assigner-a2826606-91e7-4eb6-899e-8484bd4575d5
ShareView Details
Matching Score-4
Assigner-a2826606-91e7-4eb6-899e-8484bd4575d5
CVSS Score-9.8||CRITICAL
EPSS-58.70% / 98.14%
||
7 Day CHG~0.00%
Published-26 May, 2017 | 20:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-22||Apply updates per vendor instructions.

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wnr2000v5_firmwarewnr2000v5wnr2000v3_firmwarewnr2000v4_firmwarewnr2000v3wnr2000v4NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42Multiple Devices
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-42277
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 43.63%
||
7 Day CHG~0.00%
Published-08 Sep, 2023 | 00:00
Updated-26 Sep, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath.

Action-Not Available
Vendor-hutooln/a
Product-hutooln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-40241
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 23.09%
||
7 Day CHG+0.01%
Published-31 Oct, 2022 | 00:00
Updated-07 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xfig 3.2.7 is vulnerable to Buffer Overflow.

Action-Not Available
Vendor-xfig_projectn/a
Product-xfign/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4789
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.06% / 20.21%
||
7 Day CHG~0.00%
Published-16 May, 2025 | 16:31
Updated-23 May, 2025 | 13:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server LCD Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component LCD Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-4790
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.06% / 20.21%
||
7 Day CHG~0.00%
Published-16 May, 2025 | 17:00
Updated-23 May, 2025 | 13:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server GLOB Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40239
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 63.15%
||
7 Day CHG~0.00%
Published-11 Oct, 2021 | 18:20
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Buffer Overflow vulnerability exists in the latest version of Miniftpd in the do_retr function in ftpproto.c

Action-Not Available
Vendor-miniftpd_projectn/a
Product-miniftpdn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43504
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.6||CRITICAL
EPSS-0.23% / 45.86%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 11:03
Updated-08 Jan, 2025 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-comosCOMOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • ...
  • 6
  • 7
  • 8
  • ...
  • 19
  • 20
  • Next
Details not found