Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-52195

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-30 Jun, 2026 | 00:00
Updated At-01 Jul, 2026 | 15:13
Rejected At-
Credits

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_472f08 component

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:30 Jun, 2026 | 00:00
Updated At:01 Jul, 2026 | 15:13
Rejected At:
â–¼CVE Numbering Authority (CNA)

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_472f08 component

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://utt.com.cn/downloadcenter.php?filetypeid=3&model=518G&lang=zhcn
N/A
https://github.com/akuma-QAQ/CVEreport/tree/main/518G/FUN_00472f08
N/A
Hyperlink: https://utt.com.cn/downloadcenter.php?filetypeid=3&model=518G&lang=zhcn
Resource: N/A
Hyperlink: https://github.com/akuma-QAQ/CVEreport/tree/main/518G/FUN_00472f08
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/akuma-QAQ/CVEreport/tree/main/518G/FUN_00472f08
exploit
Hyperlink: https://github.com/akuma-QAQ/CVEreport/tree/main/518G/FUN_00472f08
Resource:
exploit
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:30 Jun, 2026 | 23:17
Updated At:01 Jul, 2026 | 16:16

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_472f08 component

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
N/A
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-120Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-120
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/akuma-QAQ/CVEreport/tree/main/518G/FUN_00472f08cve@mitre.org
N/A
https://utt.com.cn/downloadcenter.php?filetypeid=3&model=518G&lang=zhcncve@mitre.org
N/A
https://github.com/akuma-QAQ/CVEreport/tree/main/518G/FUN_00472f08134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://github.com/akuma-QAQ/CVEreport/tree/main/518G/FUN_00472f08
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://utt.com.cn/downloadcenter.php?filetypeid=3&model=518G&lang=zhcn
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/akuma-QAQ/CVEreport/tree/main/518G/FUN_00472f08
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

522Records found

CVE-2025-50653
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.52% / 40.11%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem parameters in the /time_group.asp endpoint.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-50612
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.37% / 28.99%
||
7 Day CHG~0.00%
Published-13 Aug, 2025 | 00:00
Updated-18 Aug, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set in the payload, which may cause the program to crash and potentially lead to a Denial of Service (DoS) attack.

Action-Not Available
Vendor-n/aNetis Systems Co., Ltd.
Product-wf2880wf2880_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-22845
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.23% / 65.30%
||
7 Day CHG+0.03%
Published-28 Feb, 2022 | 18:48
Updated-04 Aug, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-50652
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.13%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45651
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.82% / 52.88%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45645
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.58%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45663
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.59%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-i22_firmwarei22n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-22886
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.55% / 72.14%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 14:44
Updated-04 Aug, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45669
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.57%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-i22_firmwarei22n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-57392
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.06% / 60.54%
||
7 Day CHG~0.00%
Published-06 Feb, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remote attacker to execute arbitrary code and can cause a Denial of Service (DoS) on the FTP service by sending a maliciously crafted message to the ProFTPD service port.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45656
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.58%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45657
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.58%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45660
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.58%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45664
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.59%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-i22_firmwarei22n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45659
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.58%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-23257
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.87% / 54.34%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 00:00
Updated-13 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability found in Espruino 2v05.41 allows an attacker to cause a denial of service via the function jsvGarbageCollectMarkUsed in file src/jsvar.c.

Action-Not Available
Vendor-espruinon/a
Product-espruinon/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45654
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.58%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45647
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.59%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45650
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.59%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45648
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.58%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4896
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.68% / 48.00%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 21:00
Updated-27 May, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC10 UserCongratulationsExec buffer overflow

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/UserCongratulationsExec. The manipulation of the argument getuid leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10ac10_firmwareAC10
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45641
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.58%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45644
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.59%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-22876
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.55% / 72.14%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 14:43
Updated-04 Aug, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in quickjs.c in QuickJS, allows remote attackers to cause denial of service. This issue is resolved in the 2020-07-05 release.

Action-Not Available
Vendor-quickjs_projectn/a
Product-quickjsn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-22885
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.55% / 72.14%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 14:44
Updated-04 Aug, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-5412
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.66% / 47.13%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:18
Updated-24 Feb, 2026 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-dx4510-b0_firmwareex5601-t1_firmwareex5512-t0vmg4005-b50aex5510-b0vmg3927-t50k_firmwareax7501-b0_firmwareax7501-b1_firmwarenebula_fwa510_firmwarenr7103_firmwareex7501-b0_firmwaredx3300-t1_firmwarenebula_lte3301-pluspm5100-t0_firmwarenr5103ev2vmg3625-t50bnr5307ax7501-b0vmg3927-t50kpx3321-t1ex5401-b0_firmwaredx5401-b0ex7710-b0_firmwarenebula_fwa505_firmwareex3501-t0_firmwarewx3401-b0dx4510-b0nebula_fwa505nebula_lte3301-plus_firmwarepm7300-t0_firmwarevmg4005-b60a_firmwareemg3525-t50b_firmwarepm3100-t0dx5401-b0_firmwareex5401-b0vmg8825-t50kscr50axe_firmwaredx5401-b1nr7302_firmwareex5401-b1_firmwareemg3525-t50bemg5723-t50kex5510-b0_firmwarewx3100-t0dx5401-b1_firmwareex5601-t1nr5103ev2_firmwarenr7303nr7302wx3401-b0_firmwarepm7300-t0nr7501_firmwarenr5103_firmwareemg5723-t50k_firmwarevmg8623-t50b_firmwarenebula_fwa710_firmwareex3301-t0ex3510-b0dx3301-t0ex7501-b0wx5600-t0_firmwareex5401-b1nr5103ex3500-t0ex3300-t1_firmwarescr_50axedx3301-t0_firmwareex3500-t0_firmwarevmg8825-t50k_firmwarevmg3625-t50b_firmwarenr7303_firmwarevmg8623-t50bvmg4005-b50a_firmwareex5601-t0_firmwareex3301-t0_firmwarenebula_fwa710vmg4005-b60adx3300-t0ex5601-t0nr5307_firmwaredx3300-t1ex3510-b0_firmwareex7710-b0wx3100-t0_firmwareex3300-t0ex3300-t1nebula_fwa510wx5600-t0pm5100-t0ex5512-t0_firmwarenr7501ex3300-t0_firmwareemg5523-t50b_firmwarepx3321-t1_firmwarenr7103ex3501-t0ax7501-b1dx3300-t0_firmwareemg5523-t50bpm3100-t0_firmwareVMG8825-T50K firmwarevmg8825-t50k_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4897
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-4.29% / 89.94%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 21:31
Updated-27 May, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda A15 HTTP POST Request multimodalAdd buffer overflow

A vulnerability was found in Tenda A15 15.13.07.09/15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/multimodalAdd of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-a15_firmwarea15A15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-44232
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.08%
||
7 Day CHG~0.00%
Published-26 Apr, 2023 | 00:00
Updated-03 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libming 0.4.8 0.4.8 is vulnerable to Buffer Overflow. In getInt() in decompile.c unknown type may lead to denial of service. This is a different vulnerability than CVE-2018-9132 and CVE-2018-20427.

Action-Not Available
Vendor-libmingn/a
Product-libmingn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-41299
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.78%
||
7 Day CHG~0.00%
Published-25 Sep, 2023 | 11:41
Updated-24 Sep, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-43365
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.59%
||
7 Day CHG~0.00%
Published-27 Oct, 2022 | 00:00
Updated-12 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

Action-Not Available
Vendor-ip-comn/a
Product-ew9_firmwareew9n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-43343
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.08% / 61.02%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-01 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c.

Action-Not Available
Vendor-n-prolog_projectn/a
Product-n-prologn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-53379
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.18%
||
7 Day CHG~0.00%
Published-23 Jan, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version (from 05/05/24) commit 64808a5e12c83b38f85c943dee0112e428dc2a43 allows a remote attacker to trigger a Denial-of-Service via a malformed Client-Hello message.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-53319
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 31.16%
||
7 Day CHG+0.02%
Published-31 Jan, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap buffer overflow in the XML Text Escaping component of Qualisys C++ SDK commit a32a21a allows attackers to cause Denial of Service (DoS) via escaping special XML characters.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-21574
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.95% / 56.81%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 17:45
Updated-04 Aug, 2024 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of service via a long url request which is passed to the delimitedread function.

Action-Not Available
Vendor-c-http_projectn/a
Product-c-httpn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-20657
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.99% / 58.24%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 17:45
Updated-04 Aug, 2024 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denial of service via an unexpected packet while trying to connect.

Action-Not Available
Vendor-libiec_iccp_mod_projectn/a
Product-libiec_iccp_modn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-54105
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.1||MEDIUM
EPSS-0.19% / 8.98%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 11:59
Updated-12 Dec, 2024 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-50784
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.91% / 77.23%
||
7 Day CHG~0.00%
Published-16 Dec, 2023 | 00:00
Updated-04 Nov, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms.

Action-Not Available
Vendor-unrealircdn/a
Product-unrealircdn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-21041
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.05% / 78.91%
||
7 Day CHG~0.00%
Published-24 May, 2021 | 17:31
Updated-04 Aug, 2024 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service

Action-Not Available
Vendor-n/aDebian GNU/LinuxFFmpeg
Product-ffmpegdebian_linuxn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-53027
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.28% / 19.38%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in WLAN Host

Transient DOS may occur while processing the country IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcm8550_firmwareqcs410_firmwaresd865_5gapq8017sw5100psxr1120sa6150p_firmwarewcn6650qca6595qcs610_firmwarewcd9335snapdragon_8\+_gen_1wcd9370qca8081_firmwaresnapdragon_429_firmwareqca6696qam8620p_firmwarewcd9340_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwareqcn6024qcc2073_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700wcn3610snapdragon_695_5gsa4150psnapdragon_888_5gwsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_4_gen_2_firmwareqca6574au_firmwareqca6564_firmwaresm6370qam8295pwcd9341qca6574ausnapdragon_820_automotivewcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_429csra6640sa9000p_firmwaresrv1hsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gsm8650q_firmwarewcn3660b_firmwareqcs9100qca6554asnapdragon_8\+_gen_2snapdragon_820_automotive_firmwareqcs5430fastconnect_6800_firmwaresnapdragon_865\+_5g_firmwaresd835_firmwareqcn6024_firmwaresnapdragon_x65_5gqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_888\+_5g_firmwaresa8770pqcm6125_firmwareqcc710snapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresa8540psxr1120_firmwareqca6777aqsnapdragon_660_firmwaresnapdragon_4_gen_2fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_8_gen_2_firmwarevideo_collaboration_vc1_platformsnapdragon_x72_5gqep8111sa7255psm8635qfw7114wcd9385_firmwareqca6310qam8255p_firmwaresnapdragon_778g_5gsa8155_firmwaresdx61qcs4490snapdragon_662_firmwareqca6787aqwsa8845sa6155pqcm6125qca6564au_firmwarewsa8810205video_collaboration_vc5_platform_firmwareqam8650psa9000psrv1h_firmwareqca6595ausxr2250p_firmwaresm7315_firmwaresnapdragon_865_5g_firmwarewcd9326_firmwaresa6155p_firmwarewsa8840mdm9640_firmwaresrv1m_firmwareqcs8550_firmwaresd835qfw7124_firmwareqca6436_firmwaresnapdragon_x35_5g_firmwareqcs4490_firmwarewcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresm8635psnapdragon_680_4gwcn3910snapdragon_212_firmwarewcd9370_firmwareqca9367snapdragon_8_gen_2snapdragon_480\+_5g_firmwareqcc2076snapdragon_835_pc_firmwarewcn3660bqca6574asa7255p_firmwarewcn3620_firmwareqca6174asnapdragon_695_5g_firmwaresa8195pwcd9340qcs8250_firmwareqcm2290talynplussnapdragon_auto_5g_modem-rf_gen_2qcm6490sa8540p_firmwaresxr2250psm8550p_firmwareqcm8550wcn3988snapdragon_x55_5g_firmwaresm6370_firmwareqcn9274qcn9024sa8775pqca6574sxr2230p_firmwareqca6777aq_firmwaresa8775p_firmwareqamsrv1hsmart_audio_400qcn9024_firmwarewsa8845hwcd9326sa6150pqcs410qcm2290_firmwaresm8650qsa8155p_firmwareqca6564asa8155pwsa8830snapdragon_870_5g_firmwaresm8550psa6145psnapdragon_x65_5g_firmwaresm7675_firmwaresa8255p_firmwaresnapdragon_888\+_5gsnapdragon_x75_5gqcc2073ar8035sm7635_firmwaremsm8996auqamsrv1m_firmwareqca6564sa8650p_firmwaresa6155wcn3620snapdragon_x72_5g_firmwaresrv1l_firmwareqcs9100_firmwareqcn6224qcs615snapdragon_782gqca6698aqwcn3950_firmwaresa7775p_firmwaresm7635sa8530p_firmwarefastconnect_6200sm7325p_firmwaresa8145p_firmwarewcd9378snapdragon_210_firmwaresm8635p_firmwaresa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_778g_5g_firmwaresnapdragon_780g_5gqcs6490qcs8250snapdragon_210snapdragon_x5_lte_firmwarefastconnect_6200_firmwaresnapdragon_778g\+_5gwsa8830_firmwareqcn6224_firmwareqca6678aq_firmwarewsa8845_firmwaresd660_firmwarewsa8832sdx61_firmwarewcd9378_firmwareqcc2076_firmwaresrv1lsxr2130_firmwaresrv1msm7675pqca6678aqar8035_firmwaresnapdragon_680_4g_firmwareqca6320sa4150p_firmwaresd888_firmwareqca6564auqcs6125_firmwaresm4635snapdragon_460wsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwareqcm4290snapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_xr2\+_gen_1sg8275p_firmwareqca9377_firmwaresnapdragon_x62_5gqcm6490_firmwaresnapdragon_685_4gsm4635_firmwaresm4125205_firmwarewcn3950qcs6125qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computetalynplus_firmwaresa8295p_firmwaresmart_audio_400_firmwaresnapdragon_460_firmwaresa4155p_firmwaresa8155qcn6274_firmwaresd888qca6320_firmwareqca6584auwcn6755_firmwaresw5100_firmwarewcn6740wcn6650_firmwareqca6310_firmwarefastconnect_6800qfw7114_firmwaresnapdragon_662qcs7230qca6595_firmwaresnapdragon_x5_ltefastconnect_7800_firmwaresm8635_firmwarefastconnect_6900_firmwareapq8017_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa6155_firmwaresnapdragon_xr2_5gsa8150psxr2330pwcn6755snapdragon_888_5g_firmwaresnapdragon_835_pcsnapdragon_8\+_gen_2_firmwaremsm8996au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresm6650sw5100video_collaboration_vc3_platformqca6688aqqam8295p_firmwaresnapdragon_8_gen_1_firmwarewcn3990_firmwaresm7315qca6175a_firmwareqca6698aq_firmwareqcs2290qca6564a_firmwarewcd9385qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwareqca9367_firmwarewcn3610_firmwaresnapdragon_8_gen_1sa8255pqcs7230_firmwareqcs4290wcd9390_firmwaresnapdragon_x62_5g_firmwaresnapdragon_8_gen_3qep8111_firmwareqcs615_firmwaresg8275psnapdragon_782g_firmwaresnapdragon_x55_5gsnapdragon_auto_5g_modem-rfqca6554a_firmwaresxr2130snapdragon_4_gen_1snapdragon_870_5gcsra6640_firmwareqamsrv1msnapdragon_480\+_5gqca6174a_firmwaresnapdragon_685_4g_firmwaresm7325pqam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresm6650_firmwaresnapdragon_480_5gwcn3980_firmwareqam8620pmdm9640qca6436wcd9335_firmwaresdm429wwsa8835wsa8840_firmwareqca6391_firmwareqca6584au_firmwareqcn6274qfw7124qca6595au_firmwareqcs8300_firmwaresw5100p_firmwareqca6696_firmwareqcs4290_firmwareqcs8300wcd9380_firmwareqca6574_firmwarewsa8815sd660csra6620mdm9628qca8081sg4150pqam8775pqca9377snapdragon_ar2_gen_1_firmwaresd_8_gen1_5gqca6797aqmdm9628_firmwaresnapdragon_x35_5gsa8620psnapdragon_660qca6574a_firmwareqcm4290_firmwaresnapdragon_8\+_gen_1_firmwareqca6175asd_8_gen1_5g_firmwareqca6787aq_firmwarewcd9375_firmwareqca6391snapdragon_x75_5g_firmwaresa7775psnapdragon_8_gen_3_firmwareqcn9274_firmwareqcs5430_firmwaresg4150p_firmwaresnapdragon_780g_5g_firmwaresa8770p_firmwarecsra6620_firmwaresa8295pqcs8550fastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresnapdragon_xr1wcd9375qca6688aq_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresm7675sa8145psnapdragon_212wsa8835_firmwarewcn3980sm7675p_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52949
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.73% / 49.65%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 00:00
Updated-14 Oct, 2025 | 17:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

Action-Not Available
Vendor-iptraf-ngn/a
Product-iptraf-ngn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-41966
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-8.69% / 94.48%
||
7 Day CHG~0.00%
Published-27 Dec, 2022 | 23:07
Updated-23 May, 2025 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XStream Denial of Service via stack overflow

XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable.

Action-Not Available
Vendor-xstreamx-stream
Product-xstreamxstream
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2022-41485
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.78% / 51.49%
||
7 Day CHG~0.00%
Published-13 Oct, 2022 | 00:00
Updated-15 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47ce00 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6v2.0_firmwareac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-41484
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 48.67%
||
7 Day CHG~0.00%
Published-13 Oct, 2022 | 00:00
Updated-15 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1900 AP500(US)_V1_180320(Beta) was discovered to contain a buffer overflow in the 0x32384 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ap500ap500v1_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-41482
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 48.67%
||
7 Day CHG~0.00%
Published-13 Oct, 2022 | 00:00
Updated-15 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47c5dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6v2.0_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-41481
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.78% / 51.49%
||
7 Day CHG~0.00%
Published-13 Oct, 2022 | 00:00
Updated-15 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47de1c function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6v2.0_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-41480
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 48.67%
||
7 Day CHG~0.00%
Published-13 Oct, 2022 | 00:00
Updated-15 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x475dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6v2.0_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-41436
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.56% / 42.42%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 00:00
Updated-03 Jul, 2025 | 12:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ClickHouse v24.3.3.102 was discovered to contain a buffer overflow via the component DB::evaluateConstantExpressionImpl.

Action-Not Available
Vendor-clickhousen/aclickhouse
Product-clickhousen/aclickhouse
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-40112
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 48.79%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 16:54
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002ra3002r_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-40110
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 48.79%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 16:51
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002ra3002r_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-45059
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.40% / 31.52%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-10 Apr, 2026 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fn parameter in the tgfile_htm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8300di-8300_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 10
  • 11
  • Next
Details not found