34194 matches found
CVE-2026-3970 Tenda i3 wifiSSIDget formwrlSSIDget stack-based overflow
A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2026-3970
CVE-2026-3970 affects Tenda i3 1.0.0.6(2204). The vulnerability is in the function formwrlSSIDget of the file /goform/wifiSSIDget, where manipulation of the argument index can trigger a stack-based buffer overflow . It can be exploited remotely, and a working exploit has been published. The provi...
CVE-2026-3970
A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves publicly reported vulnerability. An attacker who successfully exploited these vulnerabilities could cause a crash, denial-of-service DoS, or potentially...
PT-2026-24914
A vulnerability was identified in Tenda W3 1.0.0.32204. This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the component HTTP Handler. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be performed from remote. Th...
PT-2026-24906
A vulnerability was found in Tenda W3 1.0.0.32204. Affected by this issue is the function formSetCfm of the file /goform/setcfm of the component HTTP Handler. The manipulation of the argument funcpara1 results in stack-based buffer overflow. The attack can only be performed from the local network...
D-Link DIR-513 安全漏洞
The D-Link DIR-513 is a wireless router product from D-Link Corporation. Version 1.10 of the D-Link DIR-513 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/formEasySetupWizard3, specifically the parameter “wanconnected”. This...
flatted 安全漏洞
Flatted is a lightweight and fast cycle-based JSON parser developed by Andrea Giammarchi. Versions of Flatted prior to 3.4.0 contained a security vulnerability. This vulnerability stemmed from the recursive depth of the parse function when handling specially crafted payloads, which could lead to ...
PT-2026-25037
Name of the Vulnerable Software and Affected Versions flatted versions prior to 3.4.0 Description flatted is a circular JSON parser. The parse function uses a recursive revive phase to resolve circular references in deserialized JSON. When provided with a crafted payload containing deeply nested ...
PT-2026-24902
A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2026-25823
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution...
Tenda i3 安全漏洞
The Tenda i3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.62204 of the Tenda i3 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “index/GO” in the file/goform/wifiSSIDset, which may lead to a stack buffe...
CVE-2026-25823
Affected products: HMS Networks Ewon Flexy (firmware before 15.0s4) and Cosy+ (firmware before 22.1s6 and before 23.0s3). Issue: stack buffer overflow in the affected WEB/firmware stack leads to Denial of Service, with potential for Unauthenticated Remote Code Execution. Root cause: insufficient ...
CVE-2025-70245
CVE-2025-70245 affects D-Link DIR-513 v1.10, vulnerable via the curTime parameter to goform/formSetWizardSelectMode, causing a stack-based buffer overflow. The connected sources consistently describe this as a stack buffer overflow in the specified device/firmware context; no explicit exploit det...
CVE-2025-70245
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizardSelectMode...
Tenda W3 安全漏洞
Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/setcfm, specifically parameter funcpara1, which may lead to a stack buffe...
Tenda W3 安全漏洞
Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/WifiMacFilterGet, specifically the wlradio parameter, which may lead to a...
Tenda W3 安全漏洞
Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameter index in the component POST Parameter Handler, specifically in the file/goform/wifiSSIDget...
GPAC 安全漏洞
GPAC is an open-source multimedia framework developed by GPAC. The GPAC 26.03-DEV version contains a security vulnerability, which stems from a stack buffer overflow in the txtinprocesstexml function within the TeXML File Parser component...
PT-2026-24903
A vulnerability has been found in Tenda i3 1.0.0.62204. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument index/GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has bee...