CVE-2026-2187 Tenda RX3 formSetQosBand set_qosMib_list stack-based overflow

A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function setqosMiblist of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been ma...

CVE-2026-2187 Tenda RX3 formSetQosBand set_qosMib_list stack-based overflow

A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function setqosMiblist of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been ma...

CVE-2026-2187

creationtimestamp| type| source ---|---|--- 2026-02-08 09:22:11+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116034275302342033...

EUVD-2026-2187

Time-of-check time-of-use toctou race condition in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2019-2187

In nfcncifdecoderfparams of nfcncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1...

CVE-2024-2187

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonials widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

EUVD-2018-2187

Malware in sbrugna...

EUVD-2025-2181

Malicious code in bioql PyPI...

CVE-2023-2187

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...

CVE-2021-2187

Vulnerability in the Oracle iStore product of Oracle E-Business Suite component: Shopping Cart. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore...

Linux Distros Unpatched Vulnerability : CVE-2016-2187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gtcoprobe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service NULL...

CVE-2025-20631

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187...

CVE-2025-20631

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187...

CVE-2025-20631

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187...

CVE-2025-20631

CVE-2025-20631 affects the MediaTek WLAN AP driver (notably on MediaTek chipsets such as MT7615/MT7622/MT7663/MT7915/MT7916/MT7981/MT7986). The root cause is an incorrect bounds check that enables an out-of-bounds write, leading to local privilege escalation with no extra privileges and no user i...

openSUSE Security Advisory (SUSE-SU-2024:2187-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c CVE-2019-15505 - kernel: lack of...

CVE-2024-2187

creationtimestamp| type| source ---|---|--- 2024-04-11 11:18:03+00:00| seen| https://t.me/arpsyndicate/4514...

CVE-2024-2187

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonials widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-2187

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonials widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...