
13261 matches found

Snyk
added 2025/04/08 4:44 a.m. · 3 views

Stack-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Stack-based Buffer Overflow through the manipulation of the path_to_includes argument. Remediation: There is no fixed version for stb. References: - GitHub Issue...

CVSS 8.8 | AI score 6.9 | EPSS 0.00222
Exploits: 0 | References: 2

Cvelist
added 2025/04/08 4:31 a.m. · 18 views

CVE-2025-3409 Nothings stb stb_include_string stack-based overflow

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stb_include_string. The manipulation of the argument path_to_includes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

CVSS 7.5 | EPSS 0.00222
Exploits: 0 | References: 3

CVE
added 2025/04/08 4:31 a.m. · 65 views

CVE-2025-3409

CVE-2025-3409 affects the Nothings stb library up to f056911, specifically the function stb_include_string. The vulnerability arises from manipulating the path_to_includes argument, causing a stack-based buffer overflow that can be exploited remotely. The project uses stb without versioning, and ...

CVSS 8.8 | AI score 7.2 | EPSS 0.00222
Exploits: 0 | References: 3 | Affected Software: 1

Debian CVE
added 2025/04/08 4:31 a.m. · 4 views

CVE-2025-3409

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stb_include_string. The manipulation of the argument path_to_includes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

CVSS 8.8 | AI score 6.7 | EPSS 0.00222
Exploits: 0

Vulnrichment
added 2025/04/08 4:31 a.m. · 4 views

CVE-2025-3409 Nothings stb stb_include_string stack-based overflow

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stb_include_string. The manipulation of the argument path_to_includes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

CVSS 7.5 | AI score 7.2 | EPSS 0.00222
Exploits: 0 | References: 3

Tenable Nessus
added 2025/04/08 12:0 a.m. · 18 views

Adobe FrameMaker 2020 < 16.0.8 (2020.0.8) / Adobe FrameMaker 2022 < 17.0.6 (2022.0.6) Multiple Vulnerabilities (APSB25-33)

The version of Adobe FrameMaker installed on the remote Windows host is prior to Adobe FrameMaker 2020 16.0.8 / Adobe FrameMaker 2022 17.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb25-33 advisory. - Out-of-bounds Write CWE-787 potentially leading to...

CVSS 7.8 | AI score 9 | EPSS 0.00212
Exploits: 0 | References: 11

Positive Technologies
added 2025/04/08 12:0 a.m. · 3 views

PT-2025-17391 · Tenda · Tenda I24 +1

Name of the Vulnerable Software and Affected Versions: Tenda W12 and i24 versions 3.0.0.42887 through 3.0.0.53644 Description: A critical vulnerability was found in the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the arguments hostIp1 and hostIp2 leads to a stack-bas...

CVSS 9 | AI score 8.8 | EPSS 0.04917
Exploits: 1 | References: 17

Positive Technologies
added 2025/04/08 12:0 a.m. · 3 views

PT-2025-17260 · D Link · D-Link Dwr-M961

Name of the Vulnerable Software and Affected Versions: D-Link DWR-M961 version 1.1.36 Description: A critical vulnerability has been found in the Authorization Interface component of the D-Link DWR-M961, affecting the file /boafrm/formStaticDHCP. The manipulation of the Hostname argument leads to...

CVSS 9 | AI score 8.7 | EPSS 0.0347
Exploits: 0 | References: 14

Positive Technologies
added 2025/04/08 12:0 a.m. · 3 views

PT-2025-15352 · Unknown +1 · Nothings Stb +1

Name of the Vulnerable Software and Affected Versions: Nothings stb up to f056911 Description: A critical vulnerability has been found in Nothings stb, affecting the stb include string function. The manipulation of the path to includes argument leads to a stack-based buffer overflow. This issue c...

CVSS 7.5 | AI score 6.3 | EPSS 0.00222
Exploits: 0 | References: 17

RedhatCVE
added 2025/04/06 8:30 p.m. · 18 views

CVE-2025-3266

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...

CVSS 9.8 | AI score 7.1 | EPSS 0.00578
Exploits: 1 | References: 1

RedhatCVE
added 2025/04/06 5:49 p.m. · 16 views

CVE-2025-3259

A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely...

CVSS 9 | AI score 7.2 | EPSS 0.00849
Exploits: 1 | References: 1

RedhatCVE
added 2025/04/06 3:16 a.m. · 15 views

CVE-2025-3203

A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The...

CVSS 5.3 | AI score 7.2 | EPSS 0.00344
Exploits: 0 | References: 1

Mageia
added 2025/04/05 6:46 p.m. · 25 views

Updated corosync packages fix security vulnerability

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in exec/totemsrp.c via a large UDP packet. CVE-2025-30472...

CVSS 9.8 | AI score 7.8 | EPSS 0.00157
Exploits: 1 | References: 2

OSV
added 2025/04/05 6:46 p.m. · 6 views

MGASA-2025-0127 Updated corosync packages fix security vulnerability

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in exec/totemsrp.c via a large UDP packet. CVE-2025-30472...

CVSS 9.8 | AI score 7.1 | EPSS 0.00157
Exploits: 1 | References: 3

RedhatCVE
added 2025/04/05 5:23 p.m. · 14 views

CVE-2025-3166

A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function searchitem of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to...

CVSS 7.8 | AI score 7.4 | EPSS 0.00251
Exploits: 1 | References: 1

RedhatCVE
added 2025/04/05 3:32 p.m. · 16 views

CVE-2025-3161

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

CVSS 9 | AI score 7.4 | EPSS 0.00449
Exploits: 0 | References: 1

NVD
added 2025/04/04 8:15 p.m. · 9 views

CVE-2025-3266

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...

CVSS 9.8 | EPSS 0.00578
Exploits: 1 | References: 4

Cvelist
added 2025/04/04 7:31 p.m. · 15 views

CVE-2025-3266 qinguoyi TinyWebServer http_conn.cpp stack-based overflow

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...

CVSS 7.5 | EPSS 0.00578
Exploits: 1 | References: 4

Vulnrichment
added 2025/04/04 7:31 p.m. · 19 views

CVE-2025-3266 qinguoyi TinyWebServer http_conn.cpp stack-based overflow

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...

CVSS 7.5 | AI score 7.3 | EPSS 0.00578
Exploits: 1 | References: 4

Cvelist
added 2025/04/04 5:31 p.m. · 10 views

CVE-2025-3259 Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflow

A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely...

CVSS 9 | EPSS 0.00849
Exploits: 1 | References: 5