Total
3816 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5074 | 1 Freefloat | 1 Ftp Server | 2025-06-05 | 7.3 High |
| A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component PROMPT Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5073 | 1 Freefloat | 1 Ftp Server | 2025-06-05 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. This issue affects some unknown processing of the component MKDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-22919 | 1 Swftools | 1 Swftools | 2025-06-05 | 7.8 High |
| swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587. | ||||
| CVE-2025-5218 | 1 Freefloat | 1 Ftp Server | 2025-06-05 | 7.3 High |
| A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0.0. Affected is an unknown function of the component LITERAL Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5217 | 1 Freefloat | 1 Ftp Server | 2025-06-05 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0.0. This issue affects some unknown processing of the component RMDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-35422 | 2 Lonelycoder, Vmir | 2 Vmir, Vmir | 2025-06-05 | 7.8 High |
| vmir e8117 was discovered to contain a heap buffer overflow via the wasm_call function at /src/vmir_wasm_parser.c. | ||||
| CVE-2024-35426 | 2 Lonelycoder, Vmir | 2 Vmir, Vmir | 2025-06-05 | 9.8 Critical |
| vmir e8117 was discovered to contain a stack overflow via the init_local_vars function at /src/vmir_wasm_parser.c. | ||||
| CVE-2023-49208 | 1 Glewlwyd Sso Server Project | 1 Glewlwyd Sso Server | 2025-06-05 | 9.8 Critical |
| scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration. | ||||
| CVE-2025-37803 | 1 Linux | 1 Linux Kernel | 2025-06-05 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit. | ||||
| CVE-2022-23093 | 1 Freebsd | 1 Freebsd | 2025-06-04 | 6.5 Medium |
| ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header. The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes. The memory safety bugs described above can be triggered by a remote host, causing the ping program to crash. The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur. | ||||
| CVE-2025-4844 | 1 Freefloat | 1 Ftp Server | 2025-06-04 | 7.3 High |
| A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4845 | 1 Freefloat | 1 Ftp Server | 2025-06-04 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component TRACE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4847 | 1 Freefloat | 1 Ftp Server | 2025-06-04 | 7.3 High |
| A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component MLS Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4848 | 1 Freefloat | 1 Ftp Server | 2025-06-04 | 7.3 High |
| A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RECV Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-36650 | 1 Totolink | 2 A3100r, A3100r Firmware | 2025-06-04 | 7.5 High |
| TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing attackers to construct malicious HTTP or MQTT requests to cause a denial-of-service attack. | ||||
| CVE-2024-52711 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-06-04 | 5.7 Medium |
| DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. | ||||
| CVE-2024-50305 | 2 Apache, Apache Software Foundation | 2 Traffic Server, Apache Traffic Server | 2025-06-04 | 7.5 High |
| Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue. | ||||
| CVE-2022-25708 | 1 Qualcomm | 34 Sd888 5g, Sd888 5g Firmware, Sd 8 Gen1 5g Firmware and 31 more | 2025-06-04 | 9.8 Critical |
| Memory corruption in WLAN due to buffer copy without checking size of input while parsing keys in Snapdragon Connectivity, Snapdragon Mobile | ||||
| CVE-2024-38541 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-06-04 | 9.8 Critical |
| In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will point beyond the buffer's end. Add the buffer overflow check after the 1st snprintf() call and fix such check after the strlen() call (accounting for the terminating NUL char). | ||||
| CVE-2024-23621 | 1 Ibm | 1 Merge Efilm Workstation | 2025-06-03 | 10 Critical |
| A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution. | ||||