CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34109 matches found

Positive Technologies•added 2026/03/27 12:0 a.m.•3 views

PT-2026-28700

Name of the Vulnerable Software and Affected Versions Tenda AC15 version 15.03.05.19 Description A flaw exists in the Tenda AC15 router that allows remote attackers to trigger a stack-based buffer overflow. The issue is located within the POST Request Handler component, specifically in the...

9CVSS6.4AI score0.00632EPSS

Exploits1References8

CNNVD•added 2026/03/27 12:0 a.m.•8 views

Tenda AC15 安全漏洞

The Tenda AC15 is a wireless router produced by the Chinese company Tenda. Version 15.03.05.19 of the Tenda AC15 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/setcfm, specifically funcpara1. It may lead to a stack-based buffer...

9CVSS7.6AI score0.00632EPSS

Exploits1References6

Positive Technologies•added 2026/03/27 12:0 a.m.•6 views

PT-2026-28687

Name of the Vulnerable Software and Affected Versions Tenda AC6 version 15.03.05.16 Description A flaw exists in the Tenda AC6 device that allows for a stack-based buffer overflow. This occurs through the manipulation of the PPPOEPassword argument within the formQuickIndex function, located in th...

9CVSS6.3AI score0.00773EPSS

Exploits1References7

Amazon•added 2026/03/27 12:0 a.m.•5 views

Important: libtiff

Issue Overview: libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144 Affected Packages: libtiff...

9.8CVSS5.8AI score0.00253EPSS

Exploits1

Tenable Nessus•added 2026/03/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-33532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior...

4.3CVSS6AI score0.00469EPSS

Exploits1References4

Vulnrichment•added 2026/03/26 11:11 p.m.•3 views

CVE-2026-4905 Tenda AC5 POST Request WifiWpsOOB formWifiWpsOOB stack-based overflow

A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the attack is possible...

9CVSS7.6AI score0.00632EPSS

Exploits1References5

Cvelist•added 2026/03/26 11:11 p.m.•25 views

CVE-2026-4905 Tenda AC5 POST Request WifiWpsOOB formWifiWpsOOB stack-based overflow

9CVSS0.00632EPSS

Exploits1References5

CVE•added 2026/03/26 11:11 p.m.•15 views

CVE-2026-4905

CVE-2026-4905 affects Tenda AC5 firmware version 15.03.06.47. The vulnerability lies in the POST Request Handler’s function formWifiWpsOOB (file /goform/WifiWpsOOB), where manipulating the argument index leads to a stack-based buffer overflow. Remote exploitation is possible, and the exploit has ...

9CVSS7.8AI score0.00632EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2026/03/26 11:11 p.m.•2 views

CVE-2026-4904 Tenda AC5 POST Request setcfm formSetCfm stack-based overflow

A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...

9CVSS7.9AI score0.00746EPSS

Exploits1References5

ATTACKERKB•added 2026/03/26 11:11 p.m.•2 views

CVE-2026-4904

9CVSS8.1AI score0.00746EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/03/26 11:11 p.m.•26 views

CVE-2026-4904 Tenda AC5 POST Request setcfm formSetCfm stack-based overflow

9CVSS0.00746EPSS

Exploits1References5

CVE•added 2026/03/26 11:11 p.m.•9 views

CVE-2026-4904

CVE-2026-4904 affects Tenda AC5 firmware version 15.03.06.47. The flaw resides in the POST handler’s /goform/setcfm function SetCfm, where manipulation of the funcpara1 argument can trigger a stack-based buffer overflow. Exploitation is possible remotely, and public exploit disclosure is noted. T...

9CVSS8.1AI score0.00746EPSS

Exploits1References5Affected Software1

ATTACKERKB•added 2026/03/26 10:30 p.m.•1 views

CVE-2026-4903

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. Th...

9CVSS8.1AI score0.05461EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/03/26 10:30 p.m.•20 views

CVE-2026-4902 Tenda AC5 POST Request addressNat fromAddressNat memory corruption

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is n...

9CVSS0.00632EPSS

Exploits1References5

ATTACKERKB•added 2026/03/26 10:30 p.m.•2 views

CVE-2026-4902

9CVSS8.1AI score0.00632EPSS

Exploits1References5Affected Software1

NVD•added 2026/03/26 8:16 p.m.•5 views

CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

4.3CVSS0.00469EPSS

Exploits1References4