CVE-2026-5830 Tenda AC15 SysToolChangePwd websGetVar stack-based overflow

A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available...

CVE-2026-5830

CVE-2026-5830 affects Tenda AC15 firmware 15.03.05.18. The vulnerability resides in the function websGetVar of /goform/SysToolChangePwd and results from manipulating the arguments oldPwd/newPwd/cfmPwd, causing a stack-based buffer overflow. The issue can be exploited remotely, and public exploit ...

EUVD-2026-20809

A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgimain of the file /cgi-bin/hedwig.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only...

PT-2026-31643

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

PT-2026-31830

A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function fromSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

wolfSSL（CyaSSL） 安全漏洞

WolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, designed for developers working with embedded systems. WolfSSL CyaSSL has security vulnerabilities; these vulnerabilities stem from two potential stack overflow points in the...

PT-2026-31824

Name of the Vulnerable Software and Affected Versions Tenda F451 version 1.0.0.7 Description A stack-based buffer overflow exists in the formWrlsafeset function of the /goform/AdvSetWrlsafeset file. Manipulation of the mit ssid argument can trigger this issue. The attack can be initiated remotely...

Tenda F451 安全漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.7 of the Tenda F451 contains a security vulnerability. This vulnerability stems from the operation of the mitssid parameter in the formWrlsafesets function of the/goform/AdvSetWrlsafeset file, which may lead ...

Delta Electronics ASDA-Soft Stack Buffer Overflow Vulnerability

Delta Electronics ASDA-Soft is an AC servo motor from Delta Electronics China. The Delta Electronics ASDA-Soft suffers from a stack buffer overflow vulnerability caused by incorrect boundary checking when parsing an incorrectly formatted .par file, which can be exploited by an attacker to execute...

osslsigncode 缓冲区错误漏洞

Osslsigncode is a small tool developed by Michał Trojnara as an individual developer. It implements some of the functions of the Microsoft tool signtool.exe. Versions of Osslsigncode prior to version 2.12 contained a buffer error vulnerability. This vulnerability stemmed from multiple signature...

Linux Distros Unpatched Vulnerability : CVE-2026-39853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in...

Tenda AC15 安全漏洞

The Tenda AC15 is a wireless router produced by the Chinese company Tenda. Version 15.03.05.18 of the Tenda AC15 contains a security vulnerability. This vulnerability arises from incorrect operations with parameters oldPwd/newPwd/cfmPwd in the function websGetVar within the...

CVE-2026-5815 D-Link DIR-645 hedwig.cgi hedwigcgi_main stack-based overflow

A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgimain of the file /cgi-bin/hedwig.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only...

CVE-2026-5815 D-Link DIR-645 hedwig.cgi hedwigcgi_main stack-based overflow

A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgimain of the file /cgi-bin/hedwig.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only...

CVE-2026-5815

CVE-2026-5815 affects D-Link DIR-645, versions 1.01–1.03. The vulnerability is in the hedwigcgi_main function of /cgi-bin/hedwig.cgi, causing a stack-based buffer overflow. It is exploitable remotely, with a public exploit available. The issue impacts products no longer supported by the maintaine...

EUVD-2026-20542

A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash and could allow...

CVE-2026-30814

A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash and could allow...

CVE-2026-30814 Buffer Overflow Vulnerability in TP-Link AX53

A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash and could allow...

CLSA-2026-1775649722 libxml2: Fix of 6 CVEs

CVE-2024-34459: fix buffer over-read in xmlHTMLPrintFileContext in xmllint - CVE-2025-8732: fix stack overflow from self-referencing SGML CATALOG entries - CVE-2026-0989: add RelaxNG include recursion limit - CVE-2026-0990: prevent infinite recursion in xmlCatalogListXMLResolveURI -...

TP-Link Archer AX53 安全漏洞

The TP-Link Archer AX53 is a dual-core router produced by TP-Link Corporation. Prior versions of the TP-Link Archer AX53, including v1.0, 1.7.1 Build 20260213, contained security vulnerabilities. These vulnerabilities were caused by a stack-based buffer overflow in the tmpServer module, which cou...