Export limit exceeded: 17901 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 14133 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14133 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55089 | 1 Eclipse | 1 Threadx Filex | 2026-01-20 | 9.8 Critical |
| In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execurtion after receiving a crafted sequence of packets | ||||
| CVE-2025-15083 | 2 Gztozed, Tozed | 3 Zlt M30s, Zlt M30s Firmware, Zlt M30s | 2026-01-20 | 2 Low |
| A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2018-0175 | 2 Cisco, Rockwellautomation | 10 Ios, Ios Xe, Ios Xr and 7 more | 2026-01-14 | 8 High |
| Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664. | ||||
| CVE-2018-0167 | 2 Cisco, Rockwellautomation | 18 Asr 9001, Asr 9006, Asr 9010 and 15 more | 2026-01-14 | 8.8 High |
| Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487. | ||||
| CVE-2023-30767 | 1 Intel | 1 Optimization For Tensorflow | 2026-01-14 | 5.5 Medium |
| Improper buffer restrictions in Intel(R) Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-36581 | 1 Dell | 6 Poweredge R6415, Poweredge R6415 Firmware, Poweredge R7415 and 3 more | 2026-01-14 | 3.8 Low |
| Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | ||||
| CVE-2025-46298 | 1 Apple | 8 Ios, Ipados, Iphone Os and 5 more | 2026-01-14 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2, watchOS 26.2, visionOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-7116 | 1 Utt | 2 750w, 750w Firmware | 2026-01-14 | 8.8 High |
| A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fast_wireless_conf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2018-0151 | 1 Cisco | 1 Ios Xe | 2026-01-13 | 9.8 Critical |
| A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges. The vulnerability is due to incorrect bounds checking of certain values in packets that are destined for UDP port 18999 of an affected device. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code on the affected device with elevated privileges. The attacker could also leverage this vulnerability to cause the device to reload, causing a temporary DoS condition while the device is reloading. The malicious packets must be destined to and processed by an affected device. Traffic transiting a device will not trigger the vulnerability. Cisco Bug IDs: CSCvf73881. | ||||
| CVE-2025-15194 | 2 D-link, Dlink | 3 Dir-600, Dir-600, Dir-600 Firmware | 2026-01-13 | 9.8 Critical |
| A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an unknown functionality of the file hedwig.cgi of the component HTTP Header Handler. The manipulation of the argument Cookie results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-7616 | 1 Gmg137 | 1 Snap7-rs | 2026-01-13 | 5.5 Medium |
| A vulnerability, which was classified as critical, has been found in gmg137 snap7-rs up to 1.142.1. Affected by this issue is the function pthread_cond_destroy of the component Public API. The manipulation leads to memory corruption. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-14333 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-01-13 | 8.1 High |
| Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. | ||||
| CVE-2017-12240 | 1 Cisco | 265 1000 Integrated Services Router, 1100-4g Integrated Services Router, 1100-4gltegb Integrated Services Router and 262 more | 2026-01-12 | 9.8 Critical |
| The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959. | ||||
| CVE-2025-14572 | 1 Utt | 2 512w, 512w Firmware | 2026-01-12 | 8.8 High |
| A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This affects an unknown part of the file /goform/formWebAuthGlobalConfig. Performing manipulation of the argument hidcontact results in memory corruption. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2017-6742 | 1 Cisco | 2 Ios, Ios Xe | 2026-01-12 | 8.8 High |
| A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a buffer overflow in the affected code area. The vulnerability affects all versions of SNMP (versions 1, 2c, and 3). The attacker must know the SNMP read only community string (SNMP version 2c or earlier) or the user credentials (SNMPv3). An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. Only traffic directed to the affected system can be used to exploit this vulnerability. | ||||
| CVE-2025-10172 | 1 Utt | 2 750w, 750w Firmware | 2026-01-12 | 8.8 High |
| A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-14708 | 2 Sgwbox, Shiguangwu | 3 N3, N3 Firmware, Sgwbox N3 | 2026-01-09 | 9.8 Critical |
| A weakness has been identified in Shiguangwu sgwbox N3 2.0.25. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/http_eshell_server of the component WIREDCFGGET Interface. Executing manipulation of the argument params can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-12745 | 2 Bellard, Quickjs-ng | 2 Quickjs, Quickjs | 2026-01-08 | 5.3 Medium |
| A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function js_array_buffer_slice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public and could be exploited. This product adopts a rolling release strategy to maintain continuous delivery Patch name: c6fe5a98fd3ef3b7064e6e0145dfebfe12449fea. To fix this issue, it is recommended to deploy a patch. | ||||
| CVE-2025-6098 | 1 Utt | 2 750w, 750w Firmware | 2026-01-08 | 9.8 Critical |
| A vulnerability was found in UTT 进取 750W up to 5.0. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-6732 | 1 Utt | 3 840g, 840g Firmware, Hiper 840g | 2026-01-08 | 8.8 High |
| A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||