40 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: added validation for the VIRTIONETCTRLMQVQPAIRSSET command When the control vq receives a VIRTIONETCTRLMQVQPAIRSSET command request from the driver, there is currently no validation of the number of queue pairs to be...
CVE-2026-4565
A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetNetControlList. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used...
CVE-2023-49437
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList...
CVE-2022-38831
Tenda RX9Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList...
EUVD-2025-25102
Malicious code in bioql PyPI...
CVE-2025-9087
A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function setqosMiblist of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack...
CVE-2025-9087
A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function setqosMiblist of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack...
CVE-2025-9087 Tenda AC20 SetNetControlList Endpoint set_qosMib_list stack-based overflow
A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function setqosMiblist of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack...
Tenda AC20 安全漏洞
The Tenda AC20 is a wireless router from the Chinese company Tenda. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from the failure of the parameter list of the setqosMiblist function in the /goform/SetNetControlList file to correctly validate the length of the input...
CVE-2022-38510
TendaTX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList...
kernel: sysctl: always initialize i_uid/i_gid
In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize iuid/igid Always initialize iuid/igid inside the sysfs core so setownership can safely skip setting them. Commit 5ec27ec735ba "fs/proc/procsysctl.c: fix the default values of iuid/igid on /proc/sys...
CVE-2025-29215
Tenda AX12 v22.03.01.46CN was discovered to contain a stack overflow via the sub43fdcc function at /goform/SetNetControlList...
PT-2024-9129 · Tenda · Tenda Rx9 +1
Name of the Vulnerable Software and Affected Versions: Tenda RX9 and RX9 Pro version 22.03.02.20 Description: A critical issue has been found, affecting the function sub 4337EC of the file /goform/SetNetControlList. The manipulation of the list argument leads to a stack-based buffer overflow. Thi...
Tenda RX9 Pro和Tenda RX9 安全漏洞
Both the Tenda RX9 Pro and the Tenda RX9 are a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda RX9 Pro and Tenda RX9, which originates from the list parameter in the sub4337EC function on the /goform/SetNetControlList page that fails to correctl...
SUSE CVE-2024-42312
In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize iuid/igid Always initialize iuid/igid inside the sysfs core so setownership can safely skip setting them. Commit 5ec27ec735ba "fs/proc/procsysctl.c: fix the default values of iuid/igid on /proc/sys...
SUSE CVE-2022-48864
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: add validation for VIRTIONETCTRLMQVQPAIRSSET command When control vq receives a VIRTIONETCTRLMQVQPAIRSSET command request from the driver, presently there is no validation against the number of queue pairs to configure...
PT-2024-2262 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A critical vulnerability is associated with the function formSetQosBand of the file /goform/SetNetControlList in the Tenda AC18 router's firmware. The issue arises from a stack-based buffer overflow...
CVE-2023-49427
Buffer Overflow vulnerability in Tenda AX12 V22.03.01.46, allows remote attackers to cause a denial of service DoS via list parameter in SetNetControlList function...
PT-2024-14303 · Tenda · Tenda Ax3
Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: A remote code execution issue was discovered via the list parameter at the "/goform/SetNetControlList" API endpoint. Recommendations: For Tenda AX3 version 16.03.12.11, as a temporary workaround,...
Tenda AX3 安全漏洞
The Tenda Ax3 is an Ax1800 Gigabit Port Dual Band Wifi 6 Wireless Router from Tenda China. A code execution vulnerability exists in Tenda AX3 version v16.03.12.11, which stems from the list parameter in /goform/SetNetControlList failing to correctly filter the special elements of the constructed...