CVE-2026-11499

CVE-2026-11499 affects Tenda HG7HG9/HG10 with version 300001138_en_xpon. The vulnerability is in the function formDOMAINBLK of the file /boaform/formDOMAINBLK. A crafted manipulation of the blkDomain argument leads to a stack-based buffer overflow. The advisory notes this can be exploited remotel...

EUVD-2026-35028

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11498

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

XiongMai uc-httpd 1.0.0 - Buffer Overflow

Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725. id: CVE-2018-10088 info: name: XiongMai uc-httpd 1.0.0 - Buffer Overflow author: 0xAkoko severity: critical description: | Buffer overflow in XiongMai uc-httpd 1.0....

Important: libsolv

Issue Overview: A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI...

Important: ruby3.4

Issue Overview: zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends caller-provided bytes ahead of previously...

PT-2026-47434

Name of the Vulnerable Software and Affected Versions Tenda HG7HG9 and HG10 affected versions not specified Description A stack-based buffer overflow occurs due to the manipulation of the encodename argument within the formPPPEdit function of the file /boaform/formPPPEdit. This issue allows for...

ROS-20260608-73-0018

The vulnerability of the Microsoft Visual Studio software development tool and the .NET software platform is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

Medium: perl

Issue Overview: Buffer overflow in Perlstudychunk CVE-2026-8376 Affected Packages: perl Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update perl or yum updat...

PT-2026-47290

A vulnerability was found in UTT HiPER 2610G up to 3.0.0-171107. This affects the function strcpy of the file /goform/formNatStaticMap. Performing a manipulation of the argument NatBinds results in buffer overflow. The exploit has been made public and could be used...

PT-2026-47316

A buffer overflow in mod proxy html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

PT-2026-47353

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vrealloc node align Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

PT-2026-47366

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrieve status: 1. The code in retrieve status checks that the output string fits into the output buffer...

Important: libpq

Issue Overview: Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores...

PT-2026-47291

A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file /goform/formConfigDnsFilterGlobal. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly...

PT-2026-47267

A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...

PT-2026-47438

Name of the Vulnerable Software and Affected Versions Tenda F451 versions 1.0.0.7 through 1.0.0.9 Description A stack-based buffer overflow can be triggered remotely via the Web Management Interface. The issue exists within the fromNatlimit function located in the /goform/Natlimit file, where...

PT-2026-47320

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod xml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

Important: nvidia-driver

Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault CVE-2026-31456 In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix hugetlb fault mutex hash calculation CVE-2026-31575...