Export limit exceeded: 363392 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23176 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-47404 1 Qualcomm 377 215 Mobile, 215 Mobile Firmware, 5g Fixed Wireless Access and 374 more 2026-05-06 6.5 Medium
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
CVE-2025-47406 1 Qualcomm 63 Cologne, Cologne Firmware, Fastconnect 6700 and 60 more 2026-05-06 6.1 Medium
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
CVE-2026-7851 2 D-link, Dlink 3 Di-8100, Di-8100, Di-8100 Firmware 2026-05-06 7.2 High
A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
CVE-2026-7853 2 D-link, Dlink 3 Di-8100, Di-8100, Di-8100 Firmware 2026-05-06 9.8 Critical
A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-7854 2 D-link, Dlink 3 Di-8100, Di-8100, Di-8100 Firmware 2026-05-06 9.8 Critical
A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function url_rule_asp of the file /url_rule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
CVE-2026-7855 2 D-link, Dlink 3 Di-8100, Di-8100, Di-8100 Firmware 2026-05-06 8.8 High
A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tggl_asp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.
CVE-2026-7856 2 D-link, Dlink 3 Di-8100, Di-8100, Di-8100 Firmware 2026-05-06 7.2 High
A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /url_member.asp of the component Web Management Interface. Executing a manipulation of the argument Name can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
CVE-2026-7857 2 D-link, Dlink 3 Di-8100, Di-8100, Di-8100 Firmware 2026-05-06 7.2 High
A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2026-25243 1 Redis 1 Redis 2026-05-06 8.8 High
Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may lead to remote code execution. A workaround is to restrict access to the RESTORE command with ACL rules. This is patched in version 8.6.3.
CVE-2026-32203 3 Apple, Linux, Microsoft 7 Macos, Linux Kernel, .net and 4 more 2026-05-06 7.5 High
Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.
CVE-2026-34956 1 Redhat 7 Enterprise Linux, Fast Datapath, Openshift and 4 more 2026-05-06 5.9 Medium
A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a crash, resulting in a Denial of Service (DoS) for the affected system.
CVE-2026-29004 1 Vda-linux 1 Busybox Mirror 2026-05-06 8.1 High
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6_OPT_DNS_SERVERS option. Attackers can exploit incorrect heap buffer allocation calculations in the option_to_env() function to cause denial of service or achieve arbitrary code execution on embedded systems without heap hardening.
CVE-2026-41927 1 Shenzhen Yuner Yipu 1 Wifi Extender Wdr201a 2026-05-06 N/A
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains a stack-based buffer overflow vulnerability in the firewall.cgi and makeRequest.cgi binaries that allows unauthenticated attackers to overwrite the saved return address by sending a POST request with a Content-Length header exceeding 512 bytes. Attackers can exploit insufficient length validation in the fgets() call to achieve arbitrary code execution through return-oriented programming or return-to-libc techniques.
CVE-2026-7834 1 Iptime 1 Nas1dual 2026-05-05 9.8 Critical
A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-31458 1 Linux 1 Linux Kernel 2026-05-05 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts->nr before accessing contexts_arr[0] Multiple sysfs command paths dereference contexts_arr[0] without first verifying that kdamond->contexts->nr == 1. A user can set nr_contexts to 0 via sysfs while DAMON is running, causing NULL pointer dereferences. In more detail, the issue can be triggered by privileged users like below. First, start DAMON and make contexts directory empty (kdamond->contexts->nr == 0). # damo start # cd /sys/kernel/mm/damon/admin/kdamonds/0 # echo 0 > contexts/nr_contexts Then, each of below commands will cause the NULL pointer dereference. # echo update_schemes_stats > state # echo update_schemes_tried_regions > state # echo update_schemes_tried_bytes > state # echo update_schemes_effective_quotas > state # echo update_tuned_intervals > state Guard all commands (except OFF) at the entry point of damon_sysfs_handle_cmd().
CVE-2026-6918 1 Eclipse 1 Openj9 2026-05-05 7.5 High
In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message.
CVE-2026-7719 1 Totolink 2 Wa300, Wa300 Firmware 2026-05-05 9.8 Critical
A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument http_host results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
CVE-2026-41429 1 Espressif 7 Arduino-esp32, Esp32, Esp32-c3 and 4 more 2026-05-05 8.8 High
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin(...), the device listens on UDP port 137 and processes untrusted NBNS requests from the local network. The request parser trusts the attacker-controlled name_len field without enforcing a bound consistent with the fixed-size destination buffers used later in the flow. This vulnerability is fixed in 3.3.8.
CVE-2026-7750 1 Totolink 2 N300rh, N300rh Firmware 2026-05-05 8.8 High
A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument mac_address results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used.
CVE-2026-35233 2 Oracle, Oracle Corporation 2 Linux, Oracle Linux 2026-05-05 4.4 Medium
An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range sh_link field. When root-level dtrace attaches to -- or instruments -- that process (via dtrace -p , pid probes, or USDT), the ELF parser reads heap memory beyond the allocated section cache array without any bounds check. This results in an uninitialized/out-of-bounds heap read that can cause a NULL pointer dereference crash of the dtrace process (DoS), or -- depending on heap layout -- a read-then-use of a garbage pointer controlled by adjacent allocations, providing a foothold toward further exploitation in a privileged context.