Total
4075 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-50922 | 1 Litexmedia | 1 Audio Conversion Wizard | 2026-01-14 | 9.8 Critical |
| Audio Conversion Wizard v2.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory with a specially crafted registration code. Attackers can generate a payload that overwrites the application's memory stack, potentially enabling remote code execution through a carefully constructed input buffer. | ||||
| CVE-2025-7673 | 1 Zyxel | 48 Emg3525-t50b, Emg3525-t50b Firmware, Emg5523-t50b and 45 more | 2026-01-14 | 9.8 Critical |
| A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request. | ||||
| CVE-2025-7116 | 1 Utt | 2 750w, 750w Firmware | 2026-01-14 | 8.8 High |
| A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fast_wireless_conf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-57632 | 2026-01-14 | 7.5 High | ||
| libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs (NextCommand), libsmb2 repeatedly calls smb2_add_iovector() to append to a fixed-size iovec array without checking the upper bound of v->niov (SMB2_MAX_VECTORS=256). An attacker can craft responses with many chained PDUs to overflow v->niov and perform heap out-of-bounds writes, causing memory corruption, crashes, and potentially arbitrary code execution. The SMB2_OPLOCK_BREAK path bypasses message ID validation. | ||||
| CVE-2025-46776 | 1 Fortinet | 2 Fortiextender, Fortiextender Firmware | 2026-01-14 | 6.3 Medium |
| A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands. | ||||
| CVE-2026-0836 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 8.8 High |
| A vulnerability was determined in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW. This manipulation of the argument ssid causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-0837 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 8.8 High |
| A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-0838 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 8.8 High |
| A security flaw has been discovered in UTT 进取 520W 1.7.7-180627. This impacts the function strcpy of the file /goform/ConfigWirelessBase. Performing a manipulation of the argument ssid results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-0839 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 8.8 High |
| A weakness has been identified in UTT 进取 520W 1.7.7-180627. Affected is the function strcpy of the file /goform/APSecurity. Executing a manipulation of the argument wepkey1 can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-0840 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 8.8 High |
| A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this vulnerability is the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-0841 | 1 Utt | 2 520w, 520w Firmware | 2026-01-13 | 8.8 High |
| A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15462 | 1 Utt | 2 520w, 520w Firmware | 2026-01-12 | 8.8 High |
| A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/ConfigAdvideo. The manipulation of the argument timestart leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15461 | 1 Utt | 2 520w, 520w Firmware | 2026-01-12 | 8.8 High |
| A flaw has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTaskEdit. Executing a manipulation of the argument selDateType can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2016-6366 | 1 Cisco | 45 7604, 7606-s, 7609-s and 42 more | 2026-01-12 | 8.8 High |
| Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON. | ||||
| CVE-2025-15460 | 1 Utt | 2 520w, 520w Firmware | 2026-01-12 | 8.8 High |
| A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formPptpClientConfig. Performing a manipulation of the argument EncryptionMode results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15459 | 1 Utt | 2 520w, 520w Firmware | 2026-01-12 | 8.8 High |
| A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formUser. Such manipulation of the argument passwd1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15431 | 1 Utt | 2 512w, 512w Firmware | 2026-01-12 | 8.8 High |
| A flaw has been found in UTT 进取 512W 1.7.7-171114. This affects the function strcpy of the file /goform/formFtpServerDirConfig. Executing manipulation of the argument filename can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15428 | 1 Utt | 2 512w, 512w Firmware | 2026-01-12 | 8.8 High |
| A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affected is the function strcpy of the file /goform/formRemoteControl. This manipulation of the argument Profile causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15430 | 1 Utt | 2 512w, 512w Firmware | 2026-01-12 | 8.8 High |
| A vulnerability was detected in UTT 进取 512W 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formFtpServerShareDirSelcet. Performing manipulation of the argument oldfilename results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15429 | 1 Utt | 2 512w, 512w Firmware | 2026-01-12 | 8.8 High |
| A security vulnerability has been detected in UTT 进取 512W 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formConfigCliForEngineerOnly. Such manipulation of the argument addCommand leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||