Exploit Database

145,169 exploits tracked across all sources.

Sort: Activity Stars
CVE-2025-29042 WRITEUP CRITICAL
D-Link DIR-823x Firmware - OS Command Injection via macaddr Parameter
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c
CVSS 9.8
CVE-2025-29043 WRITEUP CRITICAL
D-Link DIR-823x Firmware - OS Command Injection via Function 0x417234
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234
CVSS 9.8
CVE-2025-29044 WRITEUP CRITICAL
Netgear R6100 Firmware V1.0.1.28 - Buffer Overflow via QUERY_STRING
Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value
CVSS 9.8
CVE-2025-29045 WRITEUP CRITICAL
ALFA WiFi CampPro Firmware - Buffer Overflow via newap_text_0 Key Value
Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value
CVSS 9.8
CVE-2025-29046 WRITEUP CRITICAL
ALFA WiFi CampPro Firmware ALFA_CAMPRO-co-2.29 - Buffer Overflow via GAPSMinute3 Key Value
Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value
CVSS 9.8
CVE-2025-29047 WRITEUP CRITICAL
ALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 - Buffer Overflow via StorageEditUser hiddenIndex
Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser
CVSS 9.8
CVE-2025-29088 WRITEUP MEDIUM
SQLite 3.49.0 - Denial of Service via sqlite3_db_config Integer Overflow
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
CVSS 5.6
CVE-2025-29093 WRITEUP HIGH
Motivian Content Management System 41.0.0 - Remote Code Execution via Gallery Images Upload
File Upload vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Content/Gallery/Images component.
CVSS 8.2
CVE-2025-29100 WRITEUP CRITICAL
Tenda AC8 V16.03.34.06 - Stack-based Buffer Overflow via fromSetRouteStatic Parameter
Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the parameter list.
CVSS 9.8
CVE-2025-29135 WRITEUP CRITICAL
Tenda AC7 V15.03.06.44 - Stack-based Buffer Overflow via formWifiBasicSet Security Parameter
A stack-based buffer overflow vulnerability in Tenda AC7 V15.03.06.44 allows a remote attacker to execute arbitrary code through a stack overflow attack using the security parameter of the formWifiBasicSet function.
CVSS 9.8
CVE-2025-29155 WRITEUP MEDIUM
Swagger Petstore 1.0.7 - Remote Code Execution via DELETE Endpoint
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint
CVSS 6.5
CVE-2025-29156 WRITEUP MEDIUM
Swagger Petstore 1.0.7 - Cross-Site Scripting via /api/v3/pet Endpoint
Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet
CVSS 6.1
CVE-2025-29157 WRITEUP MEDIUM
Swagger Petstore 1.0.7 - Information Disclosure via Non-Existent Endpoint
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet name (default) and server version
CVSS 6.5
CVE-2025-29214 WRITEUP HIGH
Tenda AX12 v22.03.01.46_CN - Stack-based Buffer Overflow via setMacFilterCfg
Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_42F69C function at /goform/setMacFilterCfg.
CVSS 7.5
CVE-2025-29215 WRITEUP MEDIUM
Tenda AX12 v22.03.01.46_CN - Stack-based Buffer Overflow via SetNetControlList
Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_43fdcc function at /goform/SetNetControlList.
CVSS 6.5
CVE-2025-29218 WRITEUP MEDIUM
Tenda W18E v2.0 v16.01.0.11 - Stack-based Buffer Overflow via wifiPwd Parameter
Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiPwd parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS 6.5
CVE-2025-29366 WRITEUP CRITICAL
mupen64plus 2.6.0 - Remote Code Execution via Array Overflow in write_rdram_regs
In mupen64plus v2.6.0 there is an array overflow vulnerability in the write_rdram_regs and write_rdram_regs functions, which enables executing arbitrary commands on the host machine.
CVSS 9.8
CVE-2025-29366 WRITEUP CRITICAL
mupen64plus 2.6.0 - Remote Code Execution via Array Overflow in write_rdram_regs
In mupen64plus v2.6.0 there is an array overflow vulnerability in the write_rdram_regs and write_rdram_regs functions, which enables executing arbitrary commands on the host machine.
CVSS 9.8
CVE-2025-29384 WRITEUP CRITICAL
Tenda AC9 v1.0 V15.03.05.14_multi - Stack Overflow via wanMTU Parameter
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
CVSS 9.8
CVE-2025-29405 WRITEUP MEDIUM
emlog 2.5.1-2.5.6 - Arbitrary File Upload via Template Admin Endpoint
An arbitrary file upload vulnerability in the component /admin/template.php of emlog pro 2.5.0 and pro 2.5.* allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS 6.3
CVE-2025-29628 WRITEUP CRITICAL
Gardyn Home Kit Firmware < master.619 - Exposure of Sensitive Information via Insecure HTTP Connection
A Gardyn Azure IoT Hub connection string is downloaded over an insecure HTTP connection in Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 leaving the string vulnerable to interception and modification through a Man-in-the-Middle attack. This may result in the attacker capturing device credentials or taking control of vulnerable home kits.
CVSS 9.4
CVE-2025-29632 WRITEUP MEDIUM
free5gc 4.0.0 - Buffer Overflow via AMF NGAP Handler
Buffer Overflow vulnerability in Free5gc v.4.0.0 allows a remote attacker to cause a denial of service via the AMF, NGAP, security.go, handler_generated.go, handleInitialUEMessageMain, DecodePlainNasNoIntegrityCheck, GetSecurityHeaderType components
CVSS 5.4
CVE-2025-29708 WRITEUP CRITICAL
SourceCodester Company Website CMS 1.0 - File Upload
SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services.
CVSS 9.8
CVE-2025-29709 WRITEUP CRITICAL
SourceCodester Company Website CMS 1.0 - File Upload
SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio.
CVSS 9.8
CVE-2025-29710 WRITEUP MEDIUM
SourceCodester Company Website CMS 1.0 - Stored Cross-Site Scripting via Dashboard Services
SourceCodester Company Website CMS 1.0 is vulnerable to Cross Site Scripting (XSS) via /dashboard/Services.
CVSS 6.1