Lucene search
K

34182 matches found

CNNVD
CNNVD
added 2025/12/04 12:0 a.m.5 views

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.0 through 12.5.12+701324 and 12.6 through 12.11.2, which stems from a stack buffer overflow in the certificate request command that could lead to th...

7.5CVSS7.5AI score0.00236EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.4 views

PT-2025-49166

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.0 through 12.5.12+701324 WatchGuard Fireware OS versions 12.6 through 12.11.2 Description A stack-based buffer overflow exists in the certificate request command of WatchGuard Fireware OS. An authenticated...

7.5CVSS7.7AI score0.00236EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/03 2:2 p.m.5 views

CVE-2025-11785

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

9.8CVSS7.3AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/03 2:2 p.m.5 views

CVE-2025-11778

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

10CVSS7.5AI score0.00295EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/03 2:2 p.m.5 views

CVE-2025-11784

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

9.8CVSS7.3AI score0.00328EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/03 12:0 a.m.4 views

(Pwn2Own) Synology BeeStation Plus auth_info Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Synology BeeStation Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the authinfo parameter. The issue results from the lack of prope...

9.8CVSS7.6AI score0.02762EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.7 views

AlmaLinux 9 : gimp (ALSA-2025:21968)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21968 advisory. gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10922 gimp: GIMP ICNS File Parsing Out-Of-Bounds Writ...

7.8CVSS7.6AI score0.02751EPSS
Exploits0References9
EUVD
EUVD
added 2025/12/02 3:30 p.m.5 views

EUVD-2025-200232

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

8.5CVSS6.7AI score0.00328EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/12/02 2:22 p.m.10 views

libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

7.5CVSS7.4AI score0.01569EPSS
Exploits0References6
Rosalinux
Rosalinux
added 2025/12/02 1:21 p.m.5 views

Advisory ROSA-SA-2025-3111

Software: pixman 0.38.4 OS: ROSA Virtualization 2.1 packageevrstring: pixman-0.38.4-4.rv3 CVE-ID: CVE-2020-35492 BDU-ID: 2021-03445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the image-compositor.c component of the Cairo vector graphics library is related to a data stack buffer overflow...

7.8CVSS7.4AI score0.01112EPSS
Exploits0
NVD
NVD
added 2025/12/02 1:15 p.m.2 views

CVE-2025-11785

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

9.8CVSS0.00328EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 1:15 p.m.3 views

CVE-2025-11783

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is found in the 'AddEvent' function when copying the user-controlled username input to a fixed-size buffer 48 bytes without boundary checking. This can lead to memory corruption, resulting in...

9.8CVSS0.00507EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 1:15 p.m.5 views

CVE-2025-11782

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload' function uses “sprintf” to format a string that includes the user-controlled input of 'GetParametermeter' in the fixed-size buffer 'acStack4c' 64 bytes without checking the length. An attacker c...

9.8CVSS0.00333EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 1:15 p.m.2 views

CVE-2025-11779

Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...

9.8CVSS0.01272EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 1:15 p.m.6 views

CVE-2025-11780

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...

9.8CVSS0.00273EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/02 1:1 p.m.6 views

CVE-2025-11784 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

8.5CVSS0.00328EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/02 12:57 p.m.5 views

CVE-2025-11779 Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...

9.4CVSS0.01272EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 12:57 p.m.2 views

CVE-2025-11779 Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...

9.4CVSS6.9AI score0.01272EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 12:56 p.m.2 views

CVE-2025-11778 Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

10CVSS7.1AI score0.00295EPSS
Exploits0References1
OSV
OSV
added 2025/12/02 9:2 a.m.5 views

RLSA-2025:22417 Important: gimp:2.8 security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP DCM...

7.8CVSS7.2AI score0.02751EPSS
Exploits0References8
Rows per page
Query Builder