Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-9242

Summary
Assigner-WatchGuard
Assigner Org ID-5d1c2695-1a31-4499-88ae-e847036fd7e3
Published At-17 Sep, 2025 | 07:29
Updated At-26 Feb, 2026 | 17:48
Rejected At-
Credits

WatchGuard Firebox Out-of-Bounds Write Vulnerability

WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Known Exploited Vulnerabilities (KEV)
cisa.gov
Vendor:
WatchGuard Technologies, Inc.WatchGuard
Product:Firebox
Added At:12 Nov, 2025
Due At:03 Dec, 2025

WatchGuard Firebox Out-of-Bounds Write Vulnerability

WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code.

Used in Ransomware

:

Unknown

CWE

:
CWE-787

Required Action:

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes:

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015 ; https://nvd.nist.gov/vuln/detail/CVE-2025-9242
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:WatchGuard
Assigner Org ID:5d1c2695-1a31-4499-88ae-e847036fd7e3
Published At:17 Sep, 2025 | 07:29
Updated At:26 Feb, 2026 | 17:48
Rejected At:
â–¼CVE Numbering Authority (CNA)
WatchGuard Firebox iked Out of Bounds Write Vulnerability

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

Affected Products
Vendor
WatchGuard Technologies, Inc.WatchGuard
Product
Fireware OS
Default Status
unaffected
Versions
Affected
  • From 12.0 through 12.11.3 (semver)
  • From 11.10.2 through 11.12.4+541730 (semver)
  • From 2025.0 through 2025.1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-253CAPEC-253 Remote Code Inclusion
CAPEC ID: CAPEC-253
Description: CAPEC-253 Remote Code Inclusion
Solutions
Configurations
Workarounds
Exploits
Credits
finder
btaol
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015
N/A
Hyperlink: https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
kev
dateAdded:
2025-11-12
reference:
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-9242
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
CVE-2025-9242 added to CISA KEV2025-11-12 00:00:00
Event: CVE-2025-9242 added to CISA KEV
Date: 2025-11-12 00:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/watchtowrlabs/watchTowr-vs-WatchGuard-CVE-2025-9242/blob/main/watchTowr-vs-WatchGuard-CVE-2025-9242.py
exploit
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-9242
government-resource
Hyperlink: https://github.com/watchtowrlabs/watchTowr-vs-WatchGuard-CVE-2025-9242/blob/main/watchTowr-vs-WatchGuard-CVE-2025-9242.py
Resource:
exploit
Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-9242
Resource:
government-resource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:5d1c2695-1a31-4499-88ae-e847036fd7e3
Published At:17 Sep, 2025 | 08:15
Updated At:14 Nov, 2025 | 02:00

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
2025-11-122025-12-03WatchGuard Firebox Out-of-Bounds Write VulnerabilityApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2025-11-12
Due Date: 2025-12-03
Vulnerability Name: WatchGuard Firebox Out-of-Bounds Write Vulnerability
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
WatchGuard Technologies, Inc.
watchguard
>>fireware>>Versions from 11.10.2(inclusive) to 12.11.4(exclusive)
cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m270>>*
cpe:2.3:h:watchguard:firebox_m270:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m290>>*
cpe:2.3:h:watchguard:firebox_m290:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m370>>*
cpe:2.3:h:watchguard:firebox_m370:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m390>>*
cpe:2.3:h:watchguard:firebox_m390:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m440>>*
cpe:2.3:h:watchguard:firebox_m440:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m4600>>*
cpe:2.3:h:watchguard:firebox_m4600:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m470>>*
cpe:2.3:h:watchguard:firebox_m470:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m4800>>*
cpe:2.3:h:watchguard:firebox_m4800:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m5600>>*
cpe:2.3:h:watchguard:firebox_m5600:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m570>>*
cpe:2.3:h:watchguard:firebox_m570:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m5800>>*
cpe:2.3:h:watchguard:firebox_m5800:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m590>>*
cpe:2.3:h:watchguard:firebox_m590:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m670>>*
cpe:2.3:h:watchguard:firebox_m670:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_m690>>*
cpe:2.3:h:watchguard:firebox_m690:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_nv5>>*
cpe:2.3:h:watchguard:firebox_nv5:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t20>>*
cpe:2.3:h:watchguard:firebox_t20:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t25>>*
cpe:2.3:h:watchguard:firebox_t25:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t40>>*
cpe:2.3:h:watchguard:firebox_t40:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t45>>*
cpe:2.3:h:watchguard:firebox_t45:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t55>>*
cpe:2.3:h:watchguard:firebox_t55:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t70>>*
cpe:2.3:h:watchguard:firebox_t70:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t80>>*
cpe:2.3:h:watchguard:firebox_t80:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t85>>*
cpe:2.3:h:watchguard:firebox_t85:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>fireboxcloud>>*
cpe:2.3:h:watchguard:fireboxcloud:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>fireboxv>>*
cpe:2.3:h:watchguard:fireboxv:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>fireware>>Versions from 11.10.2(inclusive) to 12.5.13(exclusive)
cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t15>>*
cpe:2.3:h:watchguard:firebox_t15:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t35>>*
cpe:2.3:h:watchguard:firebox_t35:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>fireware>>2025.1
cpe:2.3:o:watchguard:fireware:2025.1:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t115-w>>*
cpe:2.3:h:watchguard:firebox_t115-w:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t125>>*
cpe:2.3:h:watchguard:firebox_t125:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t125-w>>*
cpe:2.3:h:watchguard:firebox_t125-w:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t145>>*
cpe:2.3:h:watchguard:firebox_t145:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t145-w>>*
cpe:2.3:h:watchguard:firebox_t145-w:*:*:*:*:*:*:*:*
WatchGuard Technologies, Inc.
watchguard
>>firebox_t185>>*
cpe:2.3:h:watchguard:firebox_t185:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Secondary5d1c2695-1a31-4499-88ae-e847036fd7e3
CWE ID: CWE-787
Type: Secondary
Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-000155d1c2695-1a31-4499-88ae-e847036fd7e3
Vendor Advisory
https://github.com/watchtowrlabs/watchTowr-vs-WatchGuard-CVE-2025-9242/blob/main/watchTowr-vs-WatchGuard-CVE-2025-9242.py134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-9242134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource
Hyperlink: https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015
Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3
Resource:
Vendor Advisory
Hyperlink: https://github.com/watchtowrlabs/watchTowr-vs-WatchGuard-CVE-2025-9242/blob/main/watchTowr-vs-WatchGuard-CVE-2025-9242.py
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-9242
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

2250Records found
CVE-2022-37809
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:06
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1206_firmwareac1206n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37802
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:04
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromNatStaticSetting.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1206_firmwareac1206n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37073
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 57.49%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:00
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanModeMulti.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38312
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.94% / 56.22%
||
7 Day CHG+0.01%
Published-07 Sep, 2022 | 18:41
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac18_firmwareac18n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37811
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:05
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the startIp parameter in the function formSetPPTPServer.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1206_firmwareac1206n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38314
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.94% / 56.22%
||
7 Day CHG+0.01%
Published-07 Sep, 2022 | 18:40
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the urls parameter at /goform/saveParentControlInfo.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac18_firmwareac18n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37095
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:04
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateWanParams.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-h200_firmwareh200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37086
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:03
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-h200_firmwareh200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37232
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.95% / 56.77%
||
7 Day CHG~0.00%
Published-23 Sep, 2022 | 00:10
Updated-27 May, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. There is a stack overflow vulnerability caused by strcpy.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wnr2000v4wnr2000v4_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38311
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.94% / 56.22%
||
7 Day CHG+0.01%
Published-07 Sep, 2022 | 18:41
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/PowerSaveSet.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac18_firmwareac18n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37813
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:06
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetSysTime.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1206_firmwareac1206n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-23305
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-1.68% / 74.01%
||
7 Day CHG~0.00%
Published-20 Feb, 2024 | 15:29
Updated-04 Nov, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds write vulnerability exists in the BrainVisionMarker Parsing functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .vmrk file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-libbiosig_projectThe Biosig Projectthe_biosig_projectFedora Project
Product-fedoralibbiosiglibbiosigfedoralibbiosig
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-25669
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-2.13% / 79.55%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xf206-1_firmwarescalance_xf201-3p_irtscalance_x212-2ldscalance_x201-3p_irtscalance_xf204_irtscalance_x204-2ldscalance_xf208scalance_x201-3p_irt_firmwarescalance_x202-2p_irt_pro_firmwarescalance_xf204-2ba_irt_firmwarescalance_x206-1scalance_x204-2ld_ts_firmwarescalance_x201-3p_irt_proscalance_x204-2fmscalance_x204-2ld_tsscalance_x208scalance_x200-4p_irtscalance_x202-2p_irtscalance_x204-2scalance_x224scalance_x206-1_firmwarescalance_x204-2_firmwarescalance_xf204-2scalance_xf206-1scalance_x202-2p_irt_firmwarescalance_x206-1ld_firmwarescalance_x204_irtscalance_x212-2ld_firmwarescalance_x204_irt_firmwarescalance_x212-2scalance_x202-2_irtscalance_x204-2ts_firmwarescalance_x208proscalance_xf204_firmwarescalance_x216_firmwarescalance_xf204-2ba_irtscalance_x204-2ld_firmwarescalance_x212-2_firmwarescalance_x204_irt_proscalance_xf202-2p_irt_firmwarescalance_xf208_firmwarescalance_x208_firmwarescalance_xf204-2_firmwarescalance_x202-2p_irt_proscalance_xf202-2p_irtscalance_x200-4p_irt_firmwarescalance_x204_irt_pro_firmwarescalance_x216scalance_xf201-3p_irt_firmwarescalance_x204-2fm_firmwarescalance_x204-2tsscalance_x202-2_irt_firmwarescalance_x201-3p_irt_pro_firmwarescalance_xf204scalance_x206-1ldscalance_x208pro_firmwarescalance_x224_firmwarescalance_xf204_irt_firmwareSCALANCE XF208SCALANCE X206-1LDSCALANCE X202-2P IRT PROSCALANCE XF204-2BA IRTSCALANCE X201-3P IRTSCALANCE X204-2FMSCALANCE X212-2 (incl. SIPLUS NET variant)SCALANCE X204-2TSSCALANCE X204-2LD TSSCALANCE X206-1SCALANCE XF204SCALANCE XF204-2 (incl. SIPLUS NET variant)SCALANCE X204-2 (incl. SIPLUS NET variant)SCALANCE X204 IRT PROSCALANCE X224SCALANCE X204-2LD (incl. SIPLUS NET variant)SCALANCE X208PROSCALANCE X216SCALANCE X212-2LDSCALANCE X201-3P IRT PROSCALANCE X200-4P IRTSCALANCE XF206-1SCALANCE XF201-3P IRTSCALANCE XF204 IRTSCALANCE XF202-2P IRTSCALANCE X208 (incl. SIPLUS NET variant)SCALANCE X202-2P IRT (incl. SIPLUS NET variant)SCALANCE X202-2 IRTSCALANCE X204 IRT
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37072
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 57.49%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:00
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37816
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:07
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetIpMacBind.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1206_firmwareac1206n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37452
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.92% / 85.23%
||
7 Day CHG~0.00%
Published-07 Aug, 2022 | 17:06
Updated-03 Aug, 2024 | 10:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.

Action-Not Available
Vendor-n/aDebian GNU/LinuxExim
Product-eximdebian_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38309
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.94% / 56.22%
||
7 Day CHG+0.01%
Published-07 Sep, 2022 | 18:41
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac18_firmwareac18n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37798
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:04
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1206_firmwareac1206n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37097
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:04
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-h200_firmwareh200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37800
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:04
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function fromSetRouteStatic.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1206_firmwareac1206n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37799
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:04
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1206_firmwareac1206n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37098
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:04
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateIpv6Params.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-h200_firmwareh200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37812
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.53%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:05
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the firewallEn parameter in the function formSetFirewallCfg.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1206_firmwareac1206n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-46045
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.58% / 43.09%
||
7 Day CHG+0.02%
Published-13 Sep, 2024 | 00:00
Updated-15 Oct, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ch22ch22_firmwaren/ach22_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38310
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.94% / 56.22%
||
7 Day CHG+0.01%
Published-07 Sep, 2022 | 18:41
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac18_firmwareac18n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37434
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.93% / 96.47%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 00:00
Updated-30 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

Action-Not Available
Vendor-zlibstormshieldn/aNetApp, Inc.Debian GNU/LinuxFedora ProjectApple Inc.
Product-active_iq_unified_managerwatchosh500shci_compute_nodeh700sstoragegriddebian_linuxh300s_firmwareh300smanagement_services_for_element_softwareh500s_firmwareoncommand_workflow_automationhcih700s_firmwareipadosstormshield_network_securityiphone_osfedorazlibontap_select_deploy_administration_utilitymacosn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-5735
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-8.1||HIGH
EPSS-0.31% / 22.11%
||
7 Day CHG~0.00%
Published-07 Apr, 2026 | 12:43
Updated-10 May, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory safety bugs fixed in Firefox 149.0.2 and Thunderbird 149.0.2

Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2 and Thunderbird 149.0.2.

Action-Not Available
Vendor-Mozilla Corporation
Product-thunderbirdfirefoxFirefoxThunderbird
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37089
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.52%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:03
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EditMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-h200_firmwareh200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-2017
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-4.33% / 89.92%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 11:32
Updated-23 Feb, 2026 | 09:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IP-COM W30AP POST Request wx3auth R7WebsSecurityHandler stack-based overflow

A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-ip-comIP-COM
Product-w30ap_firmwarew30apW30AP
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36515
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 57.49%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function addactionlist.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37067
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 57.49%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:59
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanParamsMulti.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36517
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 57.49%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function debug_wlan_advance.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37068
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 57.49%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:59
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateMacCloneFinal.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-8773
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.32% / 81.24%
||
7 Day CHG~0.00%
Published-04 May, 2017 | 03:55
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This vulnerability can be exploited to gain Remote Code Execution as well as Privilege Escalation.

Action-Not Available
Vendor-quickhealn/a
Product-total_securityantivirus_prointernet_securityn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-46044
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.62% / 44.87%
||
7 Day CHG+0.02%
Published-13 Sep, 2024 | 00:00
Updated-15 Oct, 2024 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ch22ch22_firmwaren/ach22_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36513
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.99% / 57.92%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:58
Updated-17 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200wgr-1200w_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-22660
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.86% / 53.82%
||
7 Day CHG~0.00%
Published-23 Jan, 2024 | 00:00
Updated-20 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3700ra3700r_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36660
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.85% / 53.29%
||
7 Day CHG+0.01%
Published-07 Sep, 2022 | 16:30
Updated-17 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify().

Action-Not Available
Vendor-xhyve_projectn/a
Product-xhyven/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-45695
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.58% / 72.39%
||
7 Day CHG-0.01%
Published-16 Sep, 2024 | 06:37
Updated-17 Sep, 2024 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link WiFi router - Stack-based Buffer Overflow

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-x4860_firmwaredir-x4860DIR-X4860 A1dir-x4860_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36519
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.99% / 57.92%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:00
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function AddWlanMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-14235
Matching Score-4
Assigner-Canon Inc.
ShareView Details
Matching Score-4
Assigner-Canon Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.83% / 52.79%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 23:38
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.

Action-Not Available
Vendor-Canon Inc.
Product-mf451dwmf1643i_iimf452dw_firmwarelbp236dwmf654cdw_firmwaremf453dw_firmwaremf452dwmf656cdw_firmwarelbp633cdwlbp632cdwmf455dwlbp237dw_firmwaremf653cdwmf652cw_firmwarelbp236dw_firmwaremf455dw_firmwaremf1643if_iimf653cdw_firmwarelbp632cdw_firmwaremf656cdwmf1643i_ii_firmwaremf453dwmf451dw_firmwaremf654cdwmf1238_ii_firmwaremf1238_iilbp237dwlbp633cdw_firmwarelbp1238_iimf652cdwlbp1238_ii_firmwaremf1643if_ii_firmwarei-SENSYS LBP630C Series1238iF IIimageRUNNER 1643iF II1238Pr IIimageCLASS X MF1238 IIimageCLASS X MF1643i IIi-SENSYS MF650C Series1238i IIi-SENSYS MF550 Seriesi-SENSYS LBP230 SeriesimageCLASS MF450 SeriesimageCLASS LBP230 SeriesimageCLASS X LBP1238 II1238P IIColor imageCLASS LBP630Ci-SENSYS MF450 SeriesSatera MF750C SeriesimageCLASS X MF1643iF IIimageRUNNER 1643i IISatera LBP670C SeriesColor imageCLASS MF650C Series
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-45508
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.71% / 48.54%
||
7 Day CHG~0.00%
Published-01 Sep, 2024 | 00:00
Updated-04 Sep, 2024 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node.

Action-Not Available
Vendor-htmldoc_projectn/ahtmldoc
Product-htmldocn/ahtmldoc
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-35711
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-73.49% / 99.39%
||
7 Day CHG~0.00%
Published-14 Oct, 2022 | 19:42
Updated-23 Apr, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe ColdFusion ODBC Server Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is triggered when a crafted network packet is sent to the server.

Action-Not Available
Vendor-Adobe Inc.
Product-coldfusionColdFusion
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-46049
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.62% / 44.87%
||
7 Day CHG+0.02%
Published-13 Sep, 2024 | 00:00
Updated-15 Oct, 2024 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-o6_firmwareo6n/ao6_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-8923
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.19% / 93.49%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-35710
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-42.58% / 98.53%
||
7 Day CHG~0.00%
Published-14 Oct, 2022 | 19:42
Updated-23 Apr, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe ColdFusion ODBC Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is triggered when a crafted network packet is sent to the server.

Action-Not Available
Vendor-Adobe Inc.
Product-coldfusionColdFusion
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-9226
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.51% / 93.70%
||
7 Day CHG~0.00%
Published-24 May, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.

Action-Not Available
Vendor-oniguruma_projectn/aThe PHP Group
Product-onigurumaphpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-1361
Matching Score-4
Assigner-Delta Electronics, Inc.
ShareView Details
Matching Score-4
Assigner-Delta Electronics, Inc.
CVSS Score-7.8||HIGH
EPSS-0.53% / 40.72%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 03:11
Updated-17 Feb, 2026 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASDA-Soft Stack-based Buffer Overflow Vulnerability

ASDA-Soft Stack-based Buffer Overflow Vulnerability

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-asda_softASDA-Soft
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-35712
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-36.75% / 98.30%
||
7 Day CHG~0.00%
Published-14 Oct, 2022 | 19:42
Updated-23 Apr, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe ColdFusion ODBC Agent Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is triggered when a crafted network packet is sent to the server.

Action-Not Available
Vendor-Adobe Inc.
Product-coldfusionColdFusion
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3520
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-1.00% / 58.34%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.

Action-Not Available
Vendor-Vim
Product-vimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 44
  • 45
  • Next
Details not found