74118 matches found
CVE-2026-5685 Tenda CX12L addressNat fromAddressNat stack-based overflow
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used...
CVE-2026-5685
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used...
CVE-2026-5683
A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack must originate from the local network. The...
CVE-2026-5684 Tenda CX12L webExcptypemanFilter fromwebExcptypemanFilter stack-based overflow
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access to the local...
CVE-2026-5684 Tenda CX12L webExcptypemanFilter fromwebExcptypemanFilter stack-based overflow
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access to the local...
CVE-2026-5684
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access to the local...
CVE-2026-5684
The CVE-2026-5684 vulnerability affects Tenda CX12L (firmware 16.03.53.12). The issue resides in the function fromwebExcptypemanFilter in /goform/webExcptypemanFilter, where crafted input can trigger a stack-based overflow in the affected component. An attacker on the local network can potentiall...
CVE-2026-5683
A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack must originate from the local network. The...
CVE-2026-5683 Tenda CX12L P2pListFilter fromP2pListFilter stack-based overflow
A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack must originate from the local network. The...
CVE-2026-5683
The CVE-2026-5683 issue affects Tenda CX12L firmware 16.03.53.12, specifically the fromP2pListFilter function in /goform/P2pListFilter. Manipulating the argument page triggers a stack-based buffer overflow, with the attack originating from the local network. Public exploitation is indicated in mu...
CVE-2025-54328
An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DA...
CVE-2026-34992
Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to 2.4.5 and 2.5.2, a missing encryption vulnerability affects inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fail...
CVE-2026-34992 Missing Encryption of Sensitive Data in antrea.io/antrea
Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to 2.4.5 and 2.5.2, a missing encryption vulnerability affects inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fail...
CVE-2026-34992
CVE-2026-34992 pertains to Antrea (Kubernetes networking). In dual-stack clusters with IPsec (trafficEncryptionMode: ipsec), IPv6 Pod traffic is not encrypted while IPv4 traffic is secured by ESP; packets are encapsulated (Geneve/VXLAN) but bypass the IPsec layer. Impacted users run dual-stack co...
CVE-2026-34992 Missing Encryption of Sensitive Data in antrea.io/antrea
Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to 2.4.5 and 2.5.2, a missing encryption vulnerability affects inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fail...
CVE-2025-47391 Stack-based Buffer Overflow in Camera Driver
Memory corruption while processing a frame request from user...
CVE-2025-47391
CVE-2025-47391 corresponds to a memory corruption issue described in connected records as a stack-based buffer overflow in a camera driver, triggered during processing of a frame request from user. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) indicates local attack vector with low pr...
CVE-2026-34211 SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, the @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions...
CVE-2026-34211 SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, the @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions...
CVE-2026-5544
A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit h...