How severe is CVE-2025-0282?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9 out of 10.

What type of vulnerability is CVE-2025-0282?

This is classified as CWE-121, which is a common weakness in software security.

CVE-2025-0282

CRITICAL Year: 2025

CVSS v3 Score

9.0

Critical

Weakness Type

CWE-121

View all →

Vulnerability Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

CVE-2022-29496

CRITICAL

CVSS:9.0(Critical)

A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attack...

CWE-1212022

CVE-2023-50734

CRITICAL

CVSS:9.0(Critical)

A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.

CWE-1212023

CVE-2024-28038

CRITICAL

CVSS:9.0(Critical)

The web interface of the affected devices processes a cookie value improperly, leading to a stack buffer overflow. More precisely, giving too long character string to MFPSESSIONID parameter results in...

CWE-1212024

CVE-2021-21887

CRITICAL

CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remot...

CWE-1212021

CVE-2021-21890

CRITICAL

CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote...

CWE-1212021