Lucene search
K

404 matches found

Cvelist
Cvelist
added 2025/12/02 1:1 p.m.6 views

CVE-2025-11785 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

8.5CVSS0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/02 1:0 p.m.7 views

CVE-2025-11782 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload' function uses “sprintf” to format a string that includes the user-controlled input of 'GetParametermeter' in the fixed-size buffer 'acStack4c' 64 bytes without checking the length. An attacker c...

8.5CVSS0.0035EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.8 views

PT-2025-48670

Name of the Vulnerable Software and Affected Versions Circutor SGE-PLC1000/SGE-PLC50 version 9.0.2 Description A stack-based buffer overflow exists due to insufficient input validation. The GetParametermeter function retrieves user-supplied input, specifically the meter parameter, and copies it...

9.8CVSS7.1AI score0.00284EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/01 9:41 a.m.2 views

kernel: i40e: add validation for ring_len param

A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...

5.8AI score0.00193EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.7 views

Fortinet FortiExtender 安全漏洞

Fortinet FortiExtender is a wireless WAN wide area network extender device from Fortinet. The Fortinet FortiExtender suffers from a buffer overflow vulnerability that originates from buffer copying without checking the input size, which can be exploited by an attacker to cause an authenticated us...

7.8CVSS8AI score0.00139EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

HP Integrated Lights-Out Buffer Copy without Checking Size of Input (CVE-2021-29202)

"A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504415; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13";...

6.7CVSS6.8AI score0.00283EPSS
Exploits0References2
Veracode
Veracode
added 2025/11/04 7:28 a.m.7 views

Unchecked Input For Loop Condition

com.liferay.portal, com.liferay.portal.impl is vulnerable to unchecked input for loop condition. The vulnerability is due to improper validation of input data in XML-RPC requests, which allows an attacker to perform a denial-of-service DoS attack by sending a crafted XML-RPC request...

7.5CVSS6.6AI score0.00372EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/10/29 12:0 p.m.16 views

CVE-2025-12142

CVE-2025-12142 affects ABB Terra AC wallbox (versions up to 1.8.33). The issue is a classic buffer overflow (buffer copy without checking input size). According to connected sources, processing crafted input may lead to code execution or firmware behavior alteration. Remediation referenced across...

6.9CVSS6.6AI score0.00196EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.3 views

ABB Terra AC wallbox 安全漏洞

The ABB Terra AC wallbox is ABB's superior EV home charger, offering high value quality, future-proof flexibility, and advanced security and protection. A security vulnerability exists in ABB Terra AC wallbox version 1.8.33 and earlier, which originates from buffer copying without checking the...

6.9CVSS6.9AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2025/10/25 7:15 a.m.6 views

CVE-2025-8483

The The Discussion Board – WordPress Forum Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.5.5. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. Th...

6.3CVSS0.0024EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.5 views

Juniper Networks Junos OS SRX和Juniper Networks Junos OS MX 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS on SRX Series and MX Series versio...

8.2CVSS6.2AI score0.00309EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.3 views

WordPress plugin Find Me On 安全漏洞

WordPress Find Me On plugin is a downgraded plugin that is mainly used to add social media link portals to your website. WordPress Find Me On plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. The...

7.7CVSS7.9AI score0.00248EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/10/06 11:22 p.m.4 views

SUSE CVE-2025-59731

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS5.9AI score0.0016EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47635

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00211EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-26572

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00174EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-13674

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00474EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-54128

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00868EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-58962

Malicious code in bioql PyPI...

9.8CVSS8.4AI score0.00441EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-12458

Malicious code in bioql PyPI...

9.6CVSS6.7AI score0.00471EPSS
Exploits1References1
CVE
CVE
added 2025/09/24 3:33 p.m.25 views

CVE-2025-21481

CVE-2025-21481 is linked to memory corruption during private key encryption in a trusted application, specifically within the Adreno GPU DRM driver. The PT-2025-23797 entry describes a use-after-free condition in the Direct Rendering Manager (DRM) Driver of the Adreno GPU, affecting unspecified A...

7.8CVSS6.7AI score0.00068EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder