CVE-2025-5912

A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

📄 Mongoose HTTP Denial of Service

Mongoose HTTP versions prior to 7.14 appear to suffer from a basic resource exhaustion denial of service vulnerability. Exploit Title: Mongoose HTTP 7.14 DDOS Stack-Based Free Discovered by: Yehia Elghaly Discovered Date: 2025-06-11 Vendor Homepage: https://mongoose.ws/ Software Link :...

PT-2025-26295 · D Link · D-Link Dir-815

Name of the Vulnerable Software and Affected Versions: D-Link DIR-815 version 1.01 Description: A critical vulnerability was found in the D-Link DIR-815, affecting the function sub 403794 of the file hedwig.cgi. This vulnerability leads to a stack-based buffer overflow and can be initiated...

CVE-2025-5853

A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely...

(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bleprocessesp32msg function. The issue...

(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of JSON messages...

EulerOS 2.0 SP13 : libxml2 (EulerOS-SA-2025-1637)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...

CVE-2025-5849

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been classified as critical. This affects the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer...

CVE-2025-5978

A vulnerability was found in Tenda FH1202 1.2.0.14. It has been classified as critical. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has...

CVE-2025-5978

CVE-2025-5978 affects Tenda FH1202, version 1.2.0.14. The vulnerability is in the function fromVirtualSer of the file /goform/VirtualSer. Manipulating the argument page causes a stack-based buffer overflow, enabling remote code execution. Multiple connected sources corroborate the issue and descr...

CVE-2025-5969 D-Link DIR-632 HTTP POST Request biurl_grou FUN_00425fd8 stack-based overflow

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN00425fd8 of the file /biurlgrou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched...

CVE-2025-5969

The CVE-2025-5969 entry concerns D-Link DIR-632 FW103B08. Affected is the HTTP POST Request Handler, specifically the FUN_00425fd8 function in file /biurl_grou, where input length validation leads to a stack-based buffer overflow. The vulnerability can be exploited remotely and, per sources, affe...

CVE-2025-5969 D-Link DIR-632 HTTP POST Request biurl_grou FUN_00425fd8 stack-based overflow

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN00425fd8 of the file /biurlgrou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched...

CVE-2025-5847

A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based...

BIT-MARIADB-MIN-2022-24048

MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

CVE-2025-5912

A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

CVE-2025-5934 Netgear EX3700 mtd sub_41619C stack-based overflow

A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It has been classified as critical. Affected is the function sub41619C of the file /mtd. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...

CVE-2025-5934

Netgear EX3700 devices with firmware up to 1.0.0.88 are affected by a stack-based buffer overflow in function sub_41619C in /mtd. The vulnerability can be exploited remotely and the exploit has been disclosed publicly. A fix exists: upgrade to version 1.0.0.98. This issue affects products that ar...

CVE-2025-5912

The CVE-2025-5912 entry concerns D-Link DIR-632 with firmware FW103B08. A stack-based buffer overflow exists in the HTTP POST Request Handler’s do_file function. The vulnerability is exploitable remotely and affects a product that is no longer supported. Multiple connected sources provide concret...

CVE-2025-5912 D-Link DIR-632 HTTP POST Request do_file stack-based overflow

A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...