Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-36228

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-22 May, 2026 | 00:00
Updated At-22 May, 2026 | 17:38
Rejected At-
Credits

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:22 May, 2026 | 00:00
Updated At:22 May, 2026 | 17:38
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://easy.com
N/A
https://github.com/NullByte8080/CVE-2026-36228
N/A
Hyperlink: http://easy.com
Resource: N/A
Hyperlink: https://github.com/NullByte8080/CVE-2026-36228
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/NullByte8080/CVE-2026-36228
exploit
Hyperlink: https://github.com/NullByte8080/CVE-2026-36228
Resource:
exploit
Information is not available yet

Similar CVEs

128Records found
CVE-2025-3845
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.44% / 63.48%
||
7 Day CHG~0.00%
Published-21 Apr, 2025 | 22:00
Updated-15 Oct, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
markparticle WebServer buffer.cpp HasWritten buffer overflow

A vulnerability was found in markparticle WebServer up to 1.0. It has been declared as critical. Affected by this vulnerability is the function Buffer::HasWritten of the file code/buffer/buffer.cpp. The manipulation of the argument writePos_ leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-markparticlemarkparticle
Product-webserverWebServer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3723
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 19:31
Updated-12 May, 2025 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server MDTM Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component MDTM Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3725
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 20:00
Updated-12 May, 2025 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server MIC Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component MIC Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3726
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 20:00
Updated-12 May, 2025 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server CD Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3682
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 10:31
Updated-29 Apr, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server PASV Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. This affects an unknown part of the component PASV Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3680
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 09:31
Updated-29 Apr, 2025 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server LANG Command buffer overflow

A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component LANG Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3679
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 09:31
Updated-16 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server HOST Command buffer overflow

A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3683
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 10:31
Updated-29 Apr, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server SIZE Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. This vulnerability affects unknown code of the component SIZE Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3727
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 20:31
Updated-12 May, 2025 | 20:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server STATUS Command buffer overflow

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3678
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 09:00
Updated-12 May, 2025 | 20:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server HELP Command buffer overflow

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component HELP Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3762
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-17 Apr, 2025 | 18:31
Updated-12 May, 2025 | 20:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server MPUT Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component MPUT Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3375
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.66% / 71.23%
||
7 Day CHG+0.18%
Published-07 Apr, 2025 | 16:31
Updated-08 Apr, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server CDUP Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. This affects an unknown part of the component CDUP Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3378
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.41%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 18:00
Updated-07 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server EPRT Command buffer overflow

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component EPRT Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4290
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.65% / 71.06%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 21:31
Updated-16 May, 2025 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server SMNT Command buffer overflow

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component SMNT Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3376
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.66% / 71.23%
||
7 Day CHG+0.18%
Published-07 Apr, 2025 | 17:00
Updated-08 Apr, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server CONF Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. This vulnerability affects unknown code of the component CONF Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3380
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.41%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 19:00
Updated-23 Apr, 2025 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server FEAT Command buffer overflow

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. Affected by this issue is some unknown functionality of the component FEAT Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3379
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.41%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 18:31
Updated-29 Apr, 2025 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server EPSV Command buffer overflow

A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. Affected by this vulnerability is an unknown functionality of the component EPSV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3373
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.41%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 15:31
Updated-07 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server SITE CHMOD Command buffer overflow

A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component SITE CHMOD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3349
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.41%
||
7 Day CHG-0.14%
Published-07 Apr, 2025 | 11:00
Updated-07 Apr, 2025 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server SYST Command buffer overflow

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component SYST Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3371
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.41%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 14:31
Updated-07 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server DELETE Command buffer overflow

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component DELETE Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4254
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.65% / 71.06%
||
7 Day CHG~0.00%
Published-04 May, 2025 | 23:31
Updated-16 May, 2025 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server LIST Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component LIST Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4251
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.65% / 71.06%
||
7 Day CHG~0.00%
Published-04 May, 2025 | 22:00
Updated-16 May, 2025 | 17:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server RMDIR Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component RMDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4161
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 10:31
Updated-02 May, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server VERBOSE Command buffer overflow

A vulnerability classified as critical has been found in PCMan FTP Server up to 2.0.7. This affects an unknown part of the component VERBOSE Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4289
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.65% / 71.06%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 21:00
Updated-16 May, 2025 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server RNTO Command buffer overflow

A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component RNTO Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4237
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-03 May, 2025 | 15:00
Updated-06 May, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server MDELETE Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MDELETE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4184
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 23:31
Updated-02 May, 2025 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server QUOTE Command buffer overflow

A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component QUOTE Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-7735
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 21.37%
||
7 Day CHG~0.00%
Published-04 May, 2026 | 05:15
Updated-06 May, 2026 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
osrg GoBGP AIGP Attribute bgp.go PathAttributeAigp.DecodeFromBytes buffer overflow

A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading to version 4.4.0 is able to address this issue. The patch is named 51ad1ada06cb41ce47b7066799981816f50b7ced. The affected component should be upgraded.

Action-Not Available
Vendor-osrgosrg
Product-gobgpGoBGP
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-28020
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.32% / 54.88%
||
7 Day CHG~0.00%
Published-23 Apr, 2025 | 00:00
Updated-06 May, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a800ra800r_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-28021
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.32% / 54.88%
||
7 Day CHG~0.00%
Published-23 Apr, 2025 | 00:00
Updated-06 May, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the downloadFile.cgi through the v14 and v3 parameters

Action-Not Available
Vendor-n/aTOTOLINK
Product-a810r_firmwarea810rn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3724
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 19:31
Updated-12 May, 2025 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server DIR Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component DIR Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3681
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 10:00
Updated-29 Apr, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server MODE Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MODE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3372
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.41%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 15:00
Updated-07 Apr, 2025 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server MKDIR Command buffer overflow

A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component MKDIR Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3377
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.66% / 71.23%
||
7 Day CHG+0.18%
Published-07 Apr, 2025 | 17:31
Updated-12 May, 2025 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server ENC Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. This issue affects some unknown processing of the component ENC Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3374
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.41%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 16:00
Updated-07 Apr, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server CCC Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component CCC Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-25687
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.45% / 63.90%
||
7 Day CHG+0.07%
Published-19 Oct, 2022 | 00:00
Updated-09 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3660wcd9340_firmwaresd210_firmwaremdm9250qcs6125_firmwaresw5100psd439wcd9385_firmwarewcn3988_firmwareqca6431_firmwareqcs610qam8295p_firmwareqcs6125sd210msm8976sg_firmwaremdm9206_firmwaresd778gapq8096au_firmwaresd460sd_8_gen1_5g_firmwareapq8052wcd9385wcn7850_firmwaresdx55m_firmwarewcd9340sd845qcn7606_firmwaresd730_firmwaremdm9150_firmwaresd690_5g_firmwareapq8056sd690_5gwcn7850mdm9250_firmwaresw5100p_firmwaresdx55mwcd9326apq8009w_firmwarewcn6851_firmwaresdm429wmdm9628sa8155qca6574_firmwaresd678_firmwareqca6595ausm7250p_firmwaresd480_firmwarewcn3680bsa8150pwcn3680_firmwaresd665wcn3660bwcd9330_firmwarewcn7851_firmwaremsm8208_firmwarewsa8835wcn3990_firmwarefsm10056_firmwarecsra6640apq8076wcn6750sdm429w_firmwareqca6320_firmwaresa8195psa6150pqca9367sd768g_firmwaresm4125sd780g_firmwaresd865_5gqca6421_firmwareqca6574asd429_firmwareqca6310_firmwaresd_675wcn3990sdxr2_5gwsa8810_firmwaresd670msm8952wcd9335_firmwarewcn3998_firmwareqcs4290wsa8815qca6436_firmwaresd888_5gsa6155psa8155psdx55qca6335qca6564amsm8608wcn3991_firmwareqca6564a_firmwarewcn3660b_firmwareqca6391_firmwaresa4155pqca6696_firmwarewcn6855sm6250sd710sd480qca4020_firmwaresd765wcn6750_firmwaremsm8956sa4150psd662_firmwaresd695csra6640_firmwaresd820sd845_firmwareqca6174asd660sd450sxr2150psdxr1_firmwaremsm8976sgsd205sm8475msm8909w_firmwarewcd9371_firmwareaqt1000_firmwaremsm8208qcm2290_firmwaremsm8108_firmwareqcs605apq8009wqca9377wcn3620wcn7851qcs4290_firmwaresa8155_firmwareqca9379_firmwarewcn6740qca6431sd730msm8909wfsm10056sa8145p_firmwarewcn3910wcn3910_firmwaresd888wcd9380_firmwarewcn6740_firmwaremsm8996au_firmwareapq8017_firmwarewcd9370sa6155apq8096ausd678qca6574ausa6145pqcc5100_firmwarewsa8815_firmwaresd680wcn3950_firmwaresdxr2_5g_firmwaresd870sw5100qca9377_firmwaresm7325psm4375msm8953_firmwareqca6426_firmwaresa8150p_firmwaresd870_firmwareqcs405_firmwarewcn3950qcs2290_firmwaresa6155_firmwaremdm9607wcd9380qcm4290_firmwaremdm9150qcs610_firmwareqca9379qcm4290wcd9326_firmwareqcm6125_firmwareqcn7606sm4125_firmwareapq8053_firmwaresd662wcn3615sd675wcn3991sd695_firmwareqca6420_firmwaresm7325p_firmwaresd750gqcm6125sd820_firmwarewcd9341msm8917_firmwaremdm9650_firmwareqca6426qca6335_firmwarewsa8835_firmwaresd821_firmwareqcs2290apq8056_firmwareqca6390sdw2500sd205_firmwaresd750g_firmwareqca6696wcn3980wcn6856_firmwaremdm9650sdx20msa6150p_firmwareqcs605_firmwaresd780gwcn3620_firmwaresd680_firmwareqcc5100sa8295psdxr1sa4155p_firmwareqca6420qca6174a_firmwaresd_636sm7250psd888_firmwarewcn3999apq8017sm6250psdw2500_firmwaresd_675_firmwareqca6430qualcomm215_firmwaresd675_firmwarewsa8810sd865_5g_firmwarewcd9341_firmwarewcn6850ar8031wcn3660_firmwaresxr2150p_firmwaremdm9628_firmwaremsm8976_firmwareqca6574a_firmwarewcn3999_firmwaresdx20_firmwareqca6595au_firmwareqcm2290sd460_firmwaresd439_firmwaresda429wsd720gapq8064ausa8295p_firmwaresw5100_firmwarewcn3610sd765g_firmwaresd632msm8953qca6390_firmwareqca6564au_firmwareqca6574wcn3610_firmwarewcn3998sm7315_firmwarewcd9335sd665_firmwareqca6430_firmwaresm6250_firmwarewcd9330qcs405qca6436sm6250p_firmwareaqt1000qca6421qcm6490msm8209apq8076_firmwaresd855_firmwaresdx50msd855wcn6856qcs410_firmwareqam8295pmdm9206wcn6855_firmwareqcm6490_firmwaremsm8108sd429mdm9607_firmwaremsm8956_firmwaresm4375_firmwaresa4150p_firmwareapq8009sd720g_firmwaresd835_firmwaresd778g_firmwarewcd9371msm8917qcs410qca4020apq8009_firmwaresd632_firmwareqca6391qca6595csra6620sd768gsd835sd710_firmwarewcn3615_firmwaresd670_firmwaresa6155p_firmwareqca6584auqca6584au_firmwareqcs6490_firmwaremsm8209_firmwaresa8195p_firmwareqca6574au_firmwarewcd9370_firmwaresa8155p_firmwaresd888_5g_firmwarewcn3680wcd9375qca6310sdx20m_firmwareapq8064au_firmwareapq8053apq8052_firmwaresda429w_firmwaresd821wsa8830msm8952_firmwareqca6564msm8996auwcd9375_firmwarewcn3980_firmwaresd765_firmwaresd765gmsm8608_firmwareqca6320qca6595_firmwarewcn6850_firmwaresd660_firmwaresdx20wcn6851qca6564_firmwaremsm8976sm7315qca9367_firmwareqcs6490ar8031_firmwarewcn3988qca6564auwsa8830_firmwarewcn3680b_firmwaresdx55_firmwarecsra6620_firmwarequalcomm215sd_636_firmwaresa8145psd450_firmwaresdx50m_firmwaresa6145p_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-32664
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.33% / 55.63%
||
7 Day CHG~0.00%
Published-07 May, 2024 | 14:57
Updated-19 Dec, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Suricata's base64 contains an out of bounds write

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include not use rules with `base64_decode` keyword with `bytes` option with value 1, 2 or 5 and for 7.0.x, setting `app-layer.protocols.smtp.mime.body-md5` to false.

Action-Not Available
Vendor-oisfOISFoisf
Product-suricatasuricatasuricata
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-25688
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.39% / 59.91%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610wcn3950_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresd632wcn3998wcd9371_firmwarewcn3950sm4125mdm9628sd720gmdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresm7450_firmwaresd680_firmwareqca9367_firmwarewcn3999sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340qualcomm215_firmwaresd765gsw5100qca4020_firmwareqca6436sd680sa6155pwcn6851wcn7851_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresd450wcn3610wcn3991wcd9380_firmwaresdm429wmsm8996au_firmwaresw5100pwcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55msm8475_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwaresd_636_firmwaresd670qca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psd695_firmwaresdxr1apq8096auar8031qcs405_firmwaresdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439wcn3660sm8475p_firmwareqca9379qcm2290wcn3991_firmwarewsa8830sd678qcs2290_firmwaremdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwareqca6595auwcn3615wcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwareqca6310wcn7851qcs6490sd429sdxr2_5gqca9367sdm630mdm9607_firmwarewcn3988_firmwaresa6145p_firmwaresd429_firmwaresm6250sd778g_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwaremsm8953_firmwaremsm8917_firmwarewcn3620_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewsa8835_firmwarewcn3620wcn6850_firmwarewsa8815_firmwaresm7450apq8017qca6564aqcm2290_firmwarewcn3990sd_675sd780gsd865_5gsd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaresm7315apq8009qca6391sd460sdxr1_firmwareaqt1000_firmwaremdm9626qcm4290qcm6490_firmwaresdx50mwsa8832_firmwaresdx20sd480_firmwaremdm9626_firmwareqca6574ausa8155p_firmwaresd710mdm9607wcd9341_firmwarewsa8810wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500apq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-22419
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.3||HIGH
EPSS-0.54% / 67.80%
||
7 Day CHG~0.00%
Published-18 Jan, 2024 | 18:45
Updated-02 Jun, 2025 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
concat built-in can corrupt memory in vyper

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't properly adhere to the API of copy functions (for `>=0.3.2` the `copy_bytes` function). A contract search was performed and no vulnerable contracts were found in production. The buffer overflow can result in the change of semantics of the contract. The overflow is length-dependent and thus it might go unnoticed during contract testing. However, certainly not all usages of concat will result in overwritten valid data as we require it to be in an internal function and close to the return statement where other memory allocations don't occur. This issue has been addressed in 0.4.0.

Action-Not Available
Vendor-vyperlangvyperlang
Product-vypervyper
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-21480
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.13% / 32.39%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption while playing audio file having large-sized input buffer.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6678aq_firmwareqcm8550_firmwaresa6150p_firmwaresd865_5gsw5100pwsa8832wsa8845_firmwaresnapdragon_480_5g_mobileqca6595srv1mqca6678aqqca8081_firmwarewcd9370snapdragon_x35_5g_modem-rfar8035_firmwareqca6696wcd9340_firmwaresa8530psa4150p_firmwarewcd9395_firmwareqcn6024qcc710_firmwaresnapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_685_4g_mobilesa4150pwsa8815_firmwarewsa8832_firmwaresa8195p_firmwareqca8337_firmwareqca8337wcd9395sg8275p_firmwareqcm6490_firmwareqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pqcm4490_firmwareqca6574auwcd9390sa8620p_firmwarewcn3950wsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwareqcs5430sa8295p_firmwareqcn6024_firmwaresa4155p_firmwareqcm5430qcm5430_firmwaresa4155psa8770pqca6584auqcn6274_firmwaressg2115pqcc710snapdragon_xr2_5g_firmwaresw5100_firmwaresa8540pwcn6740snapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqep8111sa7255pqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psnapdragon_xr2_5gsnapdragon_x65_5g_modem-rfsa8150pqcs4490snapdragon_680_4g_mobilewsa8845sa6155psxr1230pwsa8810qam8650psa9000psrv1h_firmwaresw5100qca6595auvideo_collaboration_vc3_platformsnapdragon_4_gen_1_mobile_firmwaresxr2250p_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qam8295p_firmwaresrv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6698aq_firmwaresnapdragon_4_gen_2_mobile_firmwarewcd9385snapdragon_8_gen_1_mobilesnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_680_4g_mobile_firmwaresa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobileqep8111_firmwaresg8275pwcd9370_firmwaressg2125psa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobilesnapdragon_x72_5g_modem-rf_firmwareqcm4490qca6174asa8195psnapdragon_x65_5g_modem-rf_firmwarewcd9340snapdragon_480\+_5g_mobile_firmwareqamsrv1msnapdragon_auto_5g_modem-rf_gen_2talynplusqca6174a_firmwareqcm6490sa8540p_firmwareqam8650p_firmwaresm8550p_firmwaresxr2250pqcm8550wcn3988qcs6490_firmwareqcn9024qca6584au_firmwarewcn3980_firmwareqcn6274qca6574qfw7124sa8775psnapdragon_w5\+_gen_1_wearableqca6595au_firmwaresxr2230p_firmwarewsa8835wsa8840_firmwaresw5100p_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwareqcn9024_firmwarewsa8845hwcd9380_firmwaresa6150pqca6574_firmwaresa8155p_firmwareqca8081wsa8815sg4150psa8155psd_8_gen1_5gwsa8830qam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresm8550psa6145psnapdragon_x75_5g_modem-rfqcm4325_firmwaresa8620psa8255p_firmwarear8035qca6574a_firmwareqamsrv1m_firmwaresnapdragon_4_gen_1_mobilesnapdragon_4_gen_2_mobilesa8650p_firmwareqcm4325sd_8_gen1_5g_firmwarewcd9375_firmwareqcn6224qcs5430_firmwareqca6698aqsg4150p_firmwaressg2125p_firmwarewcn3950_firmwaresa8530p_firmwaresa8295psa8770p_firmwareqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375sa8150p_firmwaresnapdragon_ar2_gen_1wcn3988_firmwarefastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_8\+_gen_1_mobile_firmwaresnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwaressg2115p_firmwareqcs6490snapdragon_695_5g_mobilesnapdragon_8_gen_3_mobilewcn3980fastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragonqam8255p_firmwaresa6155p_firmwareqca8337_firmwareqcm4490_firmwareqcm8550_firmwaresa6150p_firmwareqca6678aq_firmwareqcn6274_firmwareqcs4490_firmwareqcm6490_firmwaresa4155p_firmwarefastconnect_6900_firmwareqcs8550_firmwareqca6797aq_firmwareqcn6224_firmwaresa6145p_firmwarefastconnect_6700_firmwareqcn9024_firmwaresa7255p_firmwarefastconnect_7800_firmwareqca6595au_firmwareqamsrv1m_firmwareqca6698aq_firmwareqcm5430_firmwareqca6174a_firmwareqam8650p_firmwareqam8775p_firmwareqca6584au_firmwareqep8111_firmwareqca6696_firmwareqca6595_firmwareqcs6490_firmwareqfw7114_firmwareqcs5430_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqcn6024_firmwaresa4150p_firmwareqcm4325_firmwareqamsrv1h_firmwareqca6574_firmwareqcc710_firmwareqam8295p_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwareqca8081_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-0725
Matching Score-4
Assigner-curl
ShareView Details
Matching Score-4
Assigner-curl
CVSS Score-7.3||HIGH
EPSS-0.60% / 69.68%
||
7 Day CHG~0.00%
Published-05 Feb, 2025 | 09:18
Updated-27 Jun, 2025 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
gzip integer overflow

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

Action-Not Available
Vendor-zlibNetApp, Inc.CURL
Product-hci_h610s_firmwarehci_baseboard_management_controllersolidfire_\&_hci_management_nodezlibcurlsolidfire_\&_hci_storage_nodelibcurlhci_h610chci_h610shci_h615c_firmwarehci_h610c_firmwarehci_h615ccurl
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-21463
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.08% / 24.23%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:06
Updated-13 Jan, 2025 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Audio

Memory corruption while processing Codec2 during v13k decoder pitch synthesis.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfw7124_firmwarewcn6740_firmwaresnapdragon_685_4g_mobile_firmwareqcn6274wsa8840_firmwareqam8255p_firmwareqca6797aq_firmwaresa4155p_firmwaresnapdragon_888\+_5g_mobilesrv1hsa7255psnapdragon_8_gen_3_mobile_firmwarewcd9370snapdragon_4_gen_2_mobileqca6595au_firmwaresa8145p_firmwareqfw7114sxr1230pqcn6024snapdragon_4_gen_1_mobile_firmwarewsa8810_firmwareqam8650p_firmwareqca6574_firmwaresnapdragon_8\+_gen_2_mobilesnapdragon_8_gen_1_mobileqcc710_firmwaresa8650p_firmwareqcm4490_firmwareqca6595auar8035sa7255p_firmwarewcd9340sa6145pwcn3950wcd9395_firmwarewsa8845h_firmwaretalynplus_firmwareqca6696qcm4325qca8337ssg2115pqca6584au_firmwareqca6574au_firmwaresnapdragon_685_4g_mobilewsa8845wcd9375_firmwaresxr1230p_firmwaresnapdragon_680_4g_mobile_firmwareqcm4325_firmwaresa6150p_firmwaresnapdragon_888_5g_mobile_firmwarewsa8835_firmwaresnapdragon_4_gen_1_mobilesd_8_gen1_5gqamsrv1hsg4150p_firmwaresnapdragon_x75_5g_modem-rfwcd9390_firmwaresnapdragon_888_5g_mobilewsa8815_firmwaresnapdragon_8_gen_2_mobileqca6574asw5100talynplussnapdragon_8\+_gen_2_mobile_firmwarewsa8815sm8550p_firmwarewcd9385_firmwaresw5100p_firmwaresa8620p_firmwarewcn3950_firmwarewcd9395sw5100pqam8650psa8770psnapdragon_xr2_5g_firmwareqca6574a_firmwaresa8620psa8145psnapdragon_480_5g_mobile_firmwareqca6696_firmwaresnapdragon_w5\+_gen_1_wearable_firmwaresa6155pqep8111sa8150pwsa8830_firmwaresnapdragon_ar2_gen_1qca6698aqqamsrv1h_firmwarewcn3980_firmwareqcs8550qam8775pwcd9380_firmwaresnapdragon_x65_5g_modem-rfsxr2250p_firmwareqca6174a_firmwareqca8081snapdragon_695_5g_mobilewsa8840wcn3988_firmwareqca6574auqcn9024ssg2125par8035_firmwaresa8195psnapdragon_8_gen_3_mobileqca8337_firmwareqamsrv1msxr2230psa8770p_firmwarefastconnect_6700_firmwarewsa8832qcc710qcs4490snapdragon_x35_5g_modem-rffastconnect_7800_firmwaresa8155pqam8255pqfw7124qcm4490srv1h_firmwaresnapdragon_auto_5g_modem-rf_gen_2sg8275p_firmwarewsa8845_firmwareqcn6224sa8255p_firmwarewcn3980snapdragon_4_gen_2_mobile_firmwaresnapdragon_ar2_gen_1_firmwareqcm8550snapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_480\+_5g_mobilewcd9390snapdragon_w5\+_gen_1_wearablewsa8835qca6678aq_firmwaresnapdragon_680_4g_mobilesw5100_firmwarefastconnect_7800qcn6274_firmwaresxr2250pwsa8830sa8295p_firmwareqfw7114_firmwaresa8295pwcd9375qcs8550_firmwarefastconnect_6900snapdragon_xr2_5gsnapdragon_x35_5g_modem-rf_firmwaresa6150psnapdragon_695_5g_mobile_firmwarefastconnect_6200_firmwaresrv1m_firmwaresnapdragon_8_gen_2_mobile_firmwareqca6584auqca6595sa8155p_firmwarewcn6740qca6595_firmwaresnapdragon_480\+_5g_mobile_firmwareqep8111_firmwarefastconnect_6700qcn6224_firmwareqca6174asa8255psnapdragon_480_5g_mobilesnapdragon_x65_5g_modem-rf_firmwarewcn3988sa4155pqcn6024_firmwaressg2115p_firmwareqca6797aqwsa8845hqam8775p_firmwareqamsrv1m_firmwarefastconnect_6900_firmwareqam8295p_firmwaressg2125p_firmwarewcd9380wsa8832_firmwaresa8650pwcd9385sd865_5g_firmwaresm8550pwcd9340_firmwaresg4150psa8195p_firmwaresa4150p_firmwaresnapdragon_x75_5g_modem-rf_firmwareqca6574sa8150p_firmwaresa8775pqca8081_firmwaresa9000p_firmwaresnapdragon_8\+_gen_1_mobile_firmwareqcn9024_firmwareqcs4490_firmwaresa4150psa6155p_firmwaresrv1mqam8295psnapdragon_888\+_5g_mobile_firmwaresa9000psnapdragon_8_gen_1_mobile_firmwaresxr2230p_firmwaresa8775p_firmwareqca6698aq_firmwarefastconnect_6200sd865_5gqca6678aqsg8275pqcm8550_firmwaresa6145p_firmwarewcd9370_firmwaresd_8_gen1_5g_firmwaresnapdragon_8\+_gen_1_mobilewsa8810Snapdragonqam8255p_firmwaretalynplus_firmwareqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwaresg8275p_firmwarear8035_firmwareqcn6224_firmwaresxr1230p_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqfw7114_firmwarewcd9385_firmwareqcn6024_firmwareqcm4325_firmwareqamsrv1h_firmwareqca6574_firmwaresd_8_gen1_5g_firmwarewcd9340_firmwarewsa8845_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwaresa9000p_firmwareqca6574a_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarefastconnect_6200_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwarewcn3980_firmwaresnapdragon_680_4g_mobile_platform_firmwarewcn6740_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcm4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqca6678aq_firmwareqcn6274_firmwareqcs4490_firmwaresa8775p_firmwarewsa8840_firmwaresa4155p_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcs8550_firmwarewcn3988_firmwareqca6797aq_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwareqcn9024_firmwaresa7255p_firmwarewsa8810_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqca6174a_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6696_firmwareqca6595_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwaresxr2250p_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwareqfw7124_firmwaresa8295p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-12988
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.24% / 47.04%
||
7 Day CHG~0.00%
Published-27 Dec, 2024 | 17:00
Updated-28 May, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear R6900P/R7000P HTTP Header sub_16C4C buffer overflow

A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-r7000p_firmwarer6900p_firmwarer7000pr6900pR6900PR7000P
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-5356
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-30 May, 2025 | 16:31
Updated-02 Jun, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server BYE Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component BYE Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5074
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 12:00
Updated-05 Jun, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server PROMPT Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component PROMPT Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43548
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.14% / 34.35%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Video

Memory corruption while parsing qcp clip with invalid chunk data size.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gsxr1120qca6595qcs610_firmwarewcd9335wcd9370snapdragon_670_mobileqca6696wcd9340_firmwarewcd9341_firmwaresnapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700wcn3610snapdragon_780g_5g_mobilesnapdragon_685_4g_mobilesa4150psnapdragon_782g_mobile_firmwaresnapdragon_wear_4100\+_firmwarewsa8832_firmwaresnapdragon_665_mobile_firmwareqca6574au_firmwaresnapdragon_690_5g_mobile_firmwareqcn7606_firmwareqam8295pwcd9341qca6574ausnapdragon_888\+_5g_mobile_firmwarewsa8810_firmwaresd730_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hwcn3660b_firmwaresd730snapdragon_690_5g_mobilefastconnect_6800_firmwaresd835_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770psnapdragon_678_mobile_firmwaressg2115psnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwaresnapdragon_wear_4100\+fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsnapdragon_730_mobile_firmwarewcd9385_firmwareqca6310qam8255p_firmwareqcs4490snapdragon_730_mobilesnapdragon_680_4g_mobilesa6155pwsa8810qam8650psnapdragon_835_mobilesa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwaresnapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwaresnapdragon_845_mobile_firmwarewcd9326_firmwaresrv1m_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesd835snapdragon_x55_5g_modem-rfsnapdragon_4_gen_2_mobile_firmwaresnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3910_firmwaresnapdragon_460_mobileqca6420wcn3910wcd9370_firmwaresnapdragon_835_mobile_firmwarewcn3660bqca6574asa8195pwcd9340qcm2290qcm6490wcn3988snapdragon_765_5g_mobile_firmwaresnapdragon_662_mobilesa8775pqca6574sxr2230p_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaresa8775p_firmwareqamsrv1hsa6150pwcd9326qcs410qcm2290_firmwaresa8155p_firmwaresa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwareqamsrv1m_firmwaresnapdragon_4_gen_2_mobilesa8650p_firmwaresnapdragon_865\+_5g_mobile_firmwareqca6698aqssg2125p_firmwaresm6250wcn3950_firmwaresnapdragon_480\+_5g_mobilefastconnect_6200sd670wcn3680bsa8145p_firmwaresm7325p_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_660_mobile_firmwaresa8150p_firmwarefastconnect_6700_firmwaresnapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwareqcs6490snapdragon_695_5g_mobilesnapdragon_855_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqca6678aq_firmwaresd660_firmwarewsa8832snapdragon_480_5g_mobilesrv1mqca6678aqsnapdragon_860_mobile_firmwaresnapdragon_778g\+_5g_mobileqca6320sa4150p_firmwaresd888_firmwarewsa8815_firmwaresa8195p_firmwareqcm4290snapdragon_xr2\+_gen_1qcm6490_firmwaresnapdragon_665_mobilesm7250p_firmwareqcm4490_firmwarewcn3950snapdragon_870_5g_mobile_firmwaresnapdragon_730g_mobile_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobilesnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesnapdragon_678_mobilesa4155p_firmwaresnapdragon_720g_mobilesm6250_firmwaresm7250pqca6320_firmwaresd888snapdragon_675_mobile_firmwaresw5100_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwareqca6310_firmwaresnapdragon_845_mobilefastconnect_6800qca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psnapdragon_xr2_5gsa8150psxr1230psw5100video_collaboration_vc3_platformaqt1000snapdragon_4_gen_1_mobile_firmwareqam8295p_firmwaresd855wcn3990_firmwaresm7315snapdragon_660_mobileqca6698aq_firmwareqcs2290snapdragon_888\+_5g_mobileqcn7606wcd9385qcs2290_firmwaresnapdragon_8_gen_1_mobilesnapdragon_xr2\+_gen_1_firmwaresnapdragon_680_4g_mobile_firmwarewcn3610_firmwaresa8255pqcs4290sxr1230p_firmwaresnapdragon_865\+_5g_mobileqca6430snapdragon_855\+_mobilesnapdragon_765_5g_mobilesnapdragon_860_mobilessg2125pqcm4490snapdragon_480\+_5g_mobile_firmwareqamsrv1msm7325psnapdragon_732g_mobile_firmwareqam8650p_firmwaresnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwarewcn3980_firmwarewsa8835qca6595au_firmwareqca6391_firmwareqcs610sw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarewsa8815sd660sd_8_gen1_5gqam8775pqca6574a_firmwaresnapdragon_4_gen_1_mobileqcm4290_firmwaresnapdragon_720g_mobile_firmwaresnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca6391snapdragon_710_mobilesa8770p_firmwaresa8295pfastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresnapdragon_xr1wcd9375snapdragon_765g_5g_mobilewcn3988_firmwareqamsrv1h_firmwaresa8145psnapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwaressg2115p_firmwarewcn3980wcn3680b_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqca6574a_firmwaresnapdragon_4_gen_1_mobile_platform_firmwarewcn3980_firmwaresnapdragon_720g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8832_firmwareqcs4490_firmwarewcn3660b_firmwareqca6696_firmwaresa8150p_firmwaresa8775p_firmwaresd888_firmwaresrv1h_firmwaresd855_firmwaresd670_firmwaresnapdragon_780g_5g_mobile_platform_firmwarewsa8835_firmwaresnapdragon_xr1_platform_firmwaresa8255p_firmwaresm7325p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqca6595au_firmwaresnapdragon_660_mobile_platform_firmwaresnapdragon_855_mobile_platform_firmwareqcm6490_firmwareaqt1000_firmwareqamsrv1h_firmwareqcs6490_firmwaresa8155p_firmwarefastconnect_6200_firmwaresa4155p_firmwaresa6145p_firmwaresnapdragon_835_mobile_pc_platform_firmwaresa8295p_firmwaresm6250_firmwareqca6420_firmwaresnapdragon_845_mobile_platform_firmwaresa4150p_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa6150p_firmwaresxr1230p_firmwaresm7250p_firmwareqca6391_firmwaresnapdragon_675_mobile_platform_firmwaresm7315_firmwareqca6698aq_firmwaresnapdragon_680_4g_mobile_platform_firmwarefastconnect_6900_firmwaresa8770p_firmwaresd835_firmwarewcd9385_firmwarewcd9370_firmwarewcd9380_firmwareqam8775p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewsa8810_firmwaresnapdragon_710_mobile_platform_firmwarewcn3610_firmwarefastconnect_7800_firmwaresxr1120_firmwaresw5100p_firmwarewcd9341_firmwaresd730_firmwaresnapdragon_865_5g_mobile_platform_firmwarewsa8830_firmwaresxr2230p_firmwaressg2125p_firmwareqam8295p_firmwaressg2115p_firmwareqca6320_firmwareqca6574_firmwarewcd9335_firmwareqamsrv1m_firmwareqca6595_firmwaresa8145p_firmwarewcd9326_firmwareqam8650p_firmwareqcm4490_firmwareqcm2290_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcn3950_firmwaresnapdragon_480_5g_mobile_platform_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_662_mobile_platform_firmwareqcs4290_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresrv1m_firmwareqcs610_firmwarewsa8815_firmwareqcs2290_firmwaresnapdragon_460_mobile_platform_firmwarewcn3990_firmwaresa8195p_firmwarewcn3680b_firmwarewcn3910_firmwareqcn7606_firmwaresnapdragon_690_5g_mobile_platform_firmwaresw5100_firmwaresa9000p_firmwarewcd9340_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6430_firmwaresd865_5g_firmwarefastconnect_6800_firmwaresnapdragon_665_mobile_platform_firmwaresd660_firmwareqca6574au_firmwareqcs410_firmwareqam8255p_firmwaresa6155p_firmwareqca6310_firmwareqcm4290_firmwaresa8650p_firmwareqca6678aq_firmwarewcn6740_firmwaresd_8_gen1_5g_firmwarewcd9375_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-43519
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.11% / 28.50%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Video

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gqca6595qcs610_firmwarewcd9335wcd9370qca6696wcd9340_firmwarewcd9341_firmwaresnapdragon_730_mobile_platformwcn6740_firmwarefastconnect_6700wcn3610snapdragon_768g_5g_mobile_platform_firmwaresa4150pwsa8832_firmwaresnapdragon_460_mobile_platformqca6574au_firmwareqcn7606_firmwareqam8295pwcd9341qca6574auwsa8810_firmwaresd730_firmwaresa9000p_firmwaresrv1hsnapdragon_835_mobile_pc_platform_firmwarewcn3660b_firmwaresd730snapdragon_730g_mobile_platform_firmwarefastconnect_6800_firmwaresd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_778g\+_5g_mobile_platformsa8770pssg2115psnapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwarefastconnect_6900snapdragon_765g_5g_mobile_platformvideo_collaboration_vc1_platformwcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemqca6310qam8255p_firmwaresnapdragon_888_5g_mobile_platform_firmwareqcs4490snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_685_4g_mobile_platformsa6155psnapdragon_768g_5g_mobile_platformwsa8810qam8650psa9000psrv1h_firmwareqca6595ausm7315_firmwaresa6155p_firmwaresrv1m_firmwaresd835snapdragon_870_5g_mobile_platform_firmwaresnapdragon_wear_4100\+_platform_firmwaresnapdragon_8\+_gen_1_mobile_platformqcs4490_firmwarewcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_855\+\/860_mobile_platform_firmwareqca6420wcn3910wcd9370_firmwaresnapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_660_mobile_platformwcn3660bqca6574asa8195pwcd9340qcm2290qcm6490wcn3988sa8775pqca6574snapdragon_460_mobile_platform_firmwaresxr2230p_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformsa8775p_firmwareqamsrv1hsa6150pqcs410qcm2290_firmwaresa8155p_firmwaresa8155psnapdragon_675_mobile_platformwsa8830snapdragon_662_mobile_platformsa6145psnapdragon_8\+_gen_1_mobile_platform_firmwaresnapdragon_765_5g_mobile_platformsa8255p_firmwaresnapdragon_665_mobile_platformqamsrv1m_firmwaresa8650p_firmwaresnapdragon_678_mobile_platform_firmwareqca6698aqssg2125p_firmwaresm6250wcn3950_firmwaresnapdragon_8_gen_1_mobile_platformfastconnect_6200wcn3680bsa8145p_firmwaresm7325p_firmwaresnapdragon_730g_mobile_platformsnapdragon_888\+_5g_mobile_platformsa8150p_firmwaresnapdragon_855\+\/860_mobile_platformsnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_680_4g_mobile_platform_firmwareqcs6490fastconnect_6200_firmwarewsa8830_firmwaresd660_firmwarewsa8832srv1msnapdragon_675_mobile_platform_firmwaresnapdragon_730_mobile_platform_firmwaresnapdragon_888_5g_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6320sa4150p_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwarewsa8815_firmwaresa8195p_firmwareqcm4290snapdragon_680_4g_mobile_platformqcm6490_firmwaresm7250p_firmwareqcm4490_firmwaresnapdragon_855_mobile_platformwcn3950snapdragon_xr2_5g_platformsnapdragon_7c\+_gen_3_computesnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_780g_5g_mobile_platformsa8295p_firmwaresa4155p_firmwaresnapdragon_720g_mobile_platformsm6250_firmwaresm7250psnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqca6320_firmwaresd888snapdragon_4_gen_2_mobile_platformsw5100_firmwaresnapdragon_765_5g_mobile_platform_firmwarewcn6740qca6310_firmwarefastconnect_6800qca6595_firmwaresnapdragon_685_4g_mobile_platform_firmwarefastconnect_7800_firmwaresnapdragon_782g_mobile_platform_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psnapdragon_732g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_4_gen_1_mobile_platformsa8150psnapdragon_778g_5g_mobile_platformsnapdragon_665_mobile_platform_firmwaresnapdragon_835_mobile_pc_platformsxr1230psnapdragon_865\+_5g_mobile_platformsw5100video_collaboration_vc3_platformaqt1000snapdragon_865_5g_mobile_platform_firmwareqam8295p_firmwaresd855wcn3990_firmwaresm7315qca6698aq_firmwareqcs2290wcd9385qcn7606qcs2290_firmwarewcn3610_firmwaresnapdragon_678_mobile_platformsa8255psnapdragon_720g_mobile_platform_firmwareqcs4290sxr1230p_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformqca6430ssg2125pqcm4490qamsrv1msnapdragon_xr2\+_gen_1_platformsm7325pqam8650p_firmwaresnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwarewcn3980_firmwaresnapdragon_480_5g_mobile_platform_firmwarewsa8835qca6595au_firmwareqca6391_firmwaresw5100p_firmwaresnapdragon_732g_mobile_platformsnapdragon_782g_mobile_platformqca6696_firmwareqcs4290_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwareqca6574_firmwarewsa8815sd660sd_8_gen1_5gqam8775pqca6574a_firmwareqcm4290_firmwaresnapdragon_480\+_5g_mobile_platformsd_8_gen1_5g_firmwarewcd9375_firmwareqca6391snapdragon_778g_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platformsa8770p_firmwaresa8295pfastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375wcn3988_firmwareqamsrv1h_firmwaresa8145psnapdragon_wear_4100\+_platformsnapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_660_mobile_platform_firmwarewcn3980snapdragon_690_5g_mobile_platform_firmwarewcn3680b_firmwareqcs610Snapdragonqcm2290_firmwareqam8255p_firmwarequalcomm_video_collaboration_vc1_platform_firmwaresnapdragon_662_mobile_platform_firmwarewcd9380_firmwaresa6150p_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresxr1230p_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3990_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqamsrv1h_firmwareqca6574_firmwaresd_8_gen1_5g_firmwarewcd9340_firmwaresm7325p_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwarewcn3660b_firmwaresa9000p_firmwareqca6320_firmwaresm7315_firmwareqca6574au_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3680b_firmwarewcd9375_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresm7250p_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwaresnapdragon_680_4g_mobile_platform_firmwareaqt1000_firmwarewcn6740_firmwaresa6155p_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcs4490_firmwaresa8775p_firmwareqcm6490_firmwaresa8650p_firmwaresa4155p_firmwarewsa8832_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcn7606_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresa8255p_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwaresd835_firmwareqcs4290_firmwaresa8770p_firmwareqam8650p_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqca6391_firmwaresnapdragon_665_mobile_platform_firmwaresa4150p_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresm6250_firmwaresd888_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresd660_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaressg2115p_firmwaresw5100_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwaresnapdragon_720g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-55045
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.05% / 15.27%
||
7 Day CHG+0.01%
Published-13 May, 2026 | 00:00
Updated-14 May, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Firmament-Autopilot FMT-Firmware commit de5aec was discovered to contain a buffer overflow via the task_mavobc_entry function at /comm/task_comm.c.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-25659
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.39% / 60.03%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610wcn3950_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresd632wcn3998wcd9371_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresm7450_firmwaresd680_firmwareqca9367_firmwarewcn3999sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd765gqualcomm215_firmwaresw5100sd680qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremsm8937mdm9250_firmwarewcn3660_firmwarewcd9341pm8937_firmwareqca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresd450wcn3610wcn3991wcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320msm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55msm8475_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psd695_firmwaresdxr1ar8031apq8096auqcs405_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439wcn3660sm8475p_firmwareqca9379qcm2290wcn3991_firmwarewsa8830sd678qcs2290_firmwaremdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwareqca6310pm8937wcn7851sd429qcs6490sdxr2_5gqca9367sdm630mdm9607_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwaremsm8953_firmwaremsm8917_firmwarewcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620sm7450apq8017qca6564aqcm2290_firmwarewcn3990sd_675sd780gsd865_5gsd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaresm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaremdm9626qcm4290qcm6490_firmwaresdx50mwsa8832_firmwaresdx20sd480_firmwaremdm9626_firmwareqca6574ausd710sa8155p_firmwaremdm9607wcd9341_firmwarewsa8810wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500apq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5592
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-04 Jun, 2025 | 14:00
Updated-09 Jun, 2025 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server PASSIVE Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component PASSIVE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5664
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 65.25%
||
7 Day CHG~0.00%
Published-05 Jun, 2025 | 14:31
Updated-05 Jun, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server RESTART Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found