CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

193 matches found

Snyk•added 2026/05/13 8:2 p.m.•6 views

Insufficient Session Expiration

Overview @strapi/plugin-users-permissions is a headless CMS Affected versions of this package are vulnerable to Insufficient Session Expiration in the password reset or change operation. An attacker can maintain unauthorized access by continuing to use a previously obtained refresh token to...

6.9CVSS5.8AI score0.00059EPSS

Exploits0References2

RedhatCVE•added 2025/11/21 12:18 a.m.•7 views

CVE-2025-65226

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the deviceId parameter in /goform/saveParentControlInfo...

4.3CVSS7.2AI score0.00041EPSS

Exploits1References1

NVD•added 2025/11/20 3:17 p.m.•4 views

CVE-2025-65226

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the deviceId parameter in /goform/saveParentControlInfo...

4.3CVSS0.00041EPSS

Exploits1References1

OSV•added 2025/11/20 3:17 p.m.•0 views

CVE-2025-65226

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the deviceId parameter in /goform/saveParentControlInfo...

4.3CVSS5.8AI score

Exploits0References1

CNNVD•added 2025/11/20 12:0 a.m.•3 views

Tenda AC21 安全漏洞

Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...

4.3CVSS7.3AI score0.00041EPSS

Exploits1References2

Vulnrichment•added 2025/11/20 12:0 a.m.•3 views

CVE-2025-65226

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the deviceId parameter in /goform/saveParentControlInfo...

6.8AI score0.00041EPSS

Exploits1References1

RedhatCVE•added 2025/11/11 12:11 a.m.•1 views

CVE-2025-63147

Tenda AX3 V16.03.12.10CN was discovered to contain a stack overflow in the deviceId parameter of the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS7.6AI score0.00102EPSS

Exploits1References1

OSV•added 2025/11/10 5:15 p.m.•0 views

CVE-2025-63147

7.5CVSS5.9AI score

Exploits0References1

Positive Technologies•added 2025/11/10 12:0 a.m.•4 views

PT-2025-46174

Name of the Vulnerable Software and Affected Versions Tenda AX3 version 16.03.12.10 CN Description The Tenda AX3 device contains a stack overflow issue in the deviceId parameter of the saveParentControlInfo function. A crafted request can lead to a Denial of Service DoS. Recommendations Update to...

7.1AI score0.00102EPSS

Exploits1References4

CNNVD•added 2025/11/10 12:0 a.m.•1 views

Tenda AX3 安全漏洞

Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a stack buffer overflow vulnerability, which stems from the deviceId parameter of t...

7.5CVSS7.1AI score0.00102EPSS

Exploits1References2

Vulnrichment•added 2025/11/10 12:0 a.m.•2 views

CVE-2025-63147

7.2AI score0.00102EPSS

Exploits1References1

RedhatCVE•added 2025/11/01 12:25 a.m.•2 views

CVE-2025-63454

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow via the deviceId parameter in the getparentControllistInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS7.6AI score0.0011EPSS

Exploits1References1

EUVD•added 2025/10/31 9:31 p.m.•1 views

EUVD-2025-37398

7.1AI score0.0011EPSS

Exploits1References2

OSV•added 2025/10/31 7:15 p.m.•0 views

CVE-2025-63454

7.5CVSS5.9AI score

Exploits0References1

CVE•added 2025/10/31 12:0 a.m.•4 views

CVE-2025-63454

CVE-2025-63454 affects the Tenda AX-3 router, specifically version v16.03.12.10_CN. Multiple connected sources describe a stack overflow in the get_parentControl_list_Info function caused by the deviceId parameter , which can be triggered by a crafted request to induce a Denial of Service (DoS) ....

7.5CVSS7.2AI score0.0011EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2025/10/31 12:0 a.m.•3 views

PT-2025-44668

Name of the Vulnerable Software and Affected Versions Tenda AX-3 version 16.03.12.10 CN Description A stack overflow exists in the Tenda AX-3 router. This issue is triggered via the deviceId parameter within the get parentControl list Info function. A crafted request can lead to a Denial of Servi...

9CVSS6.8AI score0.0011EPSS

Exploits1References6

Cvelist•added 2025/10/31 12:0 a.m.•3 views

CVE-2025-63454

0.0011EPSS

Exploits1References1

CVE•added 2025/10/22 12:0 a.m.•6 views

CVE-2025-60340

The CVE-2025-60340 entry concerns Tenda AC6 v15.03.06.50. The SetClientState function contains buffer overflow flaws in processing input, specifically in the limitSpeed, deviceId, and limitSpeedUp parameters. This vulnerability is described across multiple sources as enabling Denial of Service (D...

7.5CVSS6.8AI score0.00114EPSS

Exploits1References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-19651

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0025EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-48507

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00354EPSS

Exploits1References1