Total
3307 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-4890 | 1 Fabian | 1 Tourism Management System | 2025-10-23 | 5.3 Medium |
| A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4499 | 1 Fabian | 1 Simple Hospital Management System | 2025-10-23 | 5.3 Medium |
| A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. Affected by this vulnerability is the function Add of the component Add Information. The manipulation of the argument x[i].name/x[i].disease leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4471 | 1 Fabian | 1 Jewellery Store Management System | 2025-10-23 | 5.3 Medium |
| A vulnerability, which was classified as critical, has been found in code-projects Jewelery Store Management system 1.0. Affected by this issue is some unknown functionality of the component Search Item View. The manipulation of the argument str2 leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4501 | 1 Fabian | 1 Album Management System | 2025-10-23 | 5.3 Medium |
| A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. This affects the function searchalbum of the component Search Albums. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-60342 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-23 | 7.5 High |
| Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the addressNat function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2013-2597 | 1 Codeaurora | 1 Android-msm | 2025-10-22 | 8.4 High |
| Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument. | ||||
| CVE-2010-2883 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Macos and 2 more | 2025-10-22 | 7.3 High |
| Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0927 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2025-10-22 | 8.8 High |
| Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658. | ||||
| CVE-2025-5555 | 1 Dieboldnixdorf | 1 Wincor | 2025-10-21 | 7.8 High |
| A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the function sub_11100 in the library wnport.sys of the component IOCTL Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.0.1 is able to mitigate this issue. Upgrading the affected component is recommended. The vendor was contacted beforehand and was able to provide a patch very early. | ||||
| CVE-2025-11678 | 1 Warmcat | 1 Libwebsockets | 2025-10-21 | 7.6 High |
| Stack-based Buffer Overflow in lws_adns_parse_label in warmcat libwebsockets allows, when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilation, to overflow the label_stack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer than the maximum. | ||||
| CVE-2025-46405 | 1 F5 | 2 Big-ip, Big-ip Access Policy Manager | 2025-10-21 | 7.5 High |
| When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-8958 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-10-21 | 8.8 High |
| A vulnerability was identified in Tenda TX3 16.03.13.11_multi_TDE01. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-58300 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 6.2 Medium |
| Buffer overflow vulnerability in the device management module. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-58297 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 5.9 Medium |
| Buffer overflow vulnerability in the sensor service. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-58298 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 7.3 High |
| Data processing error vulnerability in the package management module. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-58301 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 6.2 Medium |
| Buffer overflow vulnerability in the device management module. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-58295 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 5.9 Medium |
| Buffer overflow vulnerability in the development framework module. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-9336 | 1 Asus | 1 Armoury Crate | 2025-10-20 | N/A |
| A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash (BSOD) or other potentially undefined execution. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information. | ||||
| CVE-2025-11012 | 1 Behaviortree | 1 Behaviortree | 2025-10-16 | 5.3 Medium |
| A vulnerability was determined in BehaviorTree up to 4.7.0. This affects the function ParseScript of the file /src/script_parser.cpp of the component Diagnostic Message Handler. Executing manipulation of the argument error_msgs_buffer can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. This patch is called cb6c7514efa628adb8180b58b4c9ccdebbe096e3. A patch should be applied to remediate this issue. | ||||
| CVE-2025-45587 | 1 Audi | 2 Universal Traffic Recorder, Universal Traffic Recorder Firmware | 2025-10-16 | 7 High |
| A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||