Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound (OOB) vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no
CVE-2026-5067
CRITICAL CVSS 9.8
Find Similar
A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-Key header. The HTTP/1 header parser copies the heade
A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (setDefResponse functi
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated b
CVE-2025-41730
CRITICAL CVSS 9.8
Find Similar
An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise.
An unauthenticated attacker can perform an out of bounds heap read in the IQ Service (TCP port 9876). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111.
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32)
CVE-2025-41732
CRITICAL CVSS 9.8
Find Similar
An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_cookie() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise.
CVE-2026-7762
CRITICAL CVSS 9.8
Find Similar
A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio ran
An out-of-bounds write vulnerability exists in F5OS-A and F5OS-C that could lead to memory corruption.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluate
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading The handler of firmware C
Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.
CVE-2024-43689
CRITICAL CVSS 9.8
Find Similar
Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed.
A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (sub_42F32C function).
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read
A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation.
CVE-2024-40086
CRITICAL CVSS 9.6
Find Similar
A Buffer Overflow vulnerability in the local_app_set_router_wifi_SSID_PWD function of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via a pass
In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user. If i
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix buffer overflow in debugfs If the user tries to write more than 32 bytes then it results in memory corruption.
An integer underflow vulnerability in the Silicon Labs Z-Wave Protocol Controller can lead to out of bounds memory reads.
Page 1+ Next →