8439 matches found
Windows Telephony Service Remote Code Execution Vulnerability
Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network...
CVE-2025-3409
A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...
CVE-2025-3409
A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...
CVE-2025-3409 Nothings stb stb_include_string stack-based overflow
A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...
CVE-2025-3409
A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...
Adobe FrameMaker 2020 < 16.0.8 (2020.0.8) / Adobe FrameMaker 2022 < 17.0.6 (2022.0.6) Multiple Vulnerabilities (APSB25-33)
The version of Adobe FrameMaker installed on the remote Windows host is prior to Adobe FrameMaker 2020 16.0.8 / Adobe FrameMaker 2022 17.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb25-33 advisory. - Out-of-bounds Write CWE-787 potentially leading to...
PT-2025-17391 · Tenda · Tenda I24 +1
Name of the Vulnerable Software and Affected Versions: Tenda W12 and i24 versions 3.0.0.42887 through 3.0.0.53644 Description: A critical vulnerability was found in the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the arguments hostIp1 and hostIp2 leads to a stack-bas...
PT-2025-17260 · D Link · D-Link Dwr-M961
Name of the Vulnerable Software and Affected Versions: D-Link DWR-M961 version 1.1.36 Description: A critical vulnerability has been found in the Authorization Interface component of the D-Link DWR-M961, affecting the file /boafrm/formStaticDHCP. The manipulation of the Hostname argument leads to...
PT-2025-15352 · Unknown +1 · Nothings Stb +1
Name of the Vulnerable Software and Affected Versions: Nothings stb up to f056911 Description: A critical vulnerability has been found in Nothings stb, affecting the stb include string function. The manipulation of the path to includes argument leads to a stack-based buffer overflow. This issue c...
CVE-2025-3266
A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/httpconn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...
CVE-2025-3259
A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely...
CVE-2025-3203
A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The...
Updated corosync packages fix security vulnerability
Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in exec/totemsrp.c via a large UDP packet. CVE-2025-30472...
MGASA-2025-0127 Updated corosync packages fix security vulnerability
Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in exec/totemsrp.c via a large UDP packet. CVE-2025-30472...
CVE-2025-3166
A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function searchitem of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to...
CVE-2025-3161
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...
CVE-2025-3266
A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/httpconn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...
CVE-2025-3203
A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The...
CVE-2025-3203
CVE-2025-3203 concerns Tenda W18E firmware 16.01.0.11 where the Password argument in the formSetAccountList function (in /goform/setModules) can trigger a stack-based buffer overflow. The vulnerability can be exploited remotely and the public disclosure has occurred. Connected reports consistentl...
CVE-2025-3196
The CVE-2025-3196 issue affects Open Asset Import Library Assimp 5.4.3, specifically the Malformed File Handler in Assimp::MD2Importer::InternReadFile (MD2Loader.cpp). Exploitation leads to a stack-based buffer overflow, with a local attack vector. The vulnerability is publicly disclosed and an u...