PT-2026-8314

Name of the Vulnerable Software and Affected Versions Comfast CF-E4 version 2.6.0.1 Description A flaw exists in Comfast CF-E4 that allows for remote command injection. The issue is located within the HTTP POST Request Handler component, specifically in the file...

Comfast CF-E4 命令注入漏洞

The Comfast CF-E4 is a wireless router produced by Comfast Corporation. The Comfast CF-E4 2.6.0.1 version has a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter “timestr” in the file /cgi-bin/mbox-config?method=SET§ion=ntptimezone within the...

CVE-2026-2203

A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fastsettingwifiset of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is...

CVE-2026-2203

A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fastsettingwifiset of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is...

CVE-2026-2203

A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fastsettingwifiset of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is...

Tenda AC8 安全漏洞

The Tenda AC8 is a wireless router produced by the Chinese company Tenda. Version 16.03.33.05 of the Tenda AC8 contains a security vulnerability. This vulnerability stems from incorrect handling of the file/goform/fast-settingwifi-set parameter timeZone in the Embedded Httpd Service component,...

PT-2026-6986

Name of the Vulnerable Software and Affected Versions Tenda AC8 version 16.03.33.05 Description A buffer overflow issue exists in the Embedded Httpd Service component of Tenda AC8. The flaw is located in the file '/goform/fast setting wifi set' and is triggered by manipulating the timeZone...

mariadb security update

1:5.5.68-1.0.1 - Fixes CVE-2025-13699, remote code execution via improper path validation Orabug: 38829265 - Fixes failing SSL and timezone tests...

CLSA-2026-1769162597 mariadb: Fix of CVE-2025-13699

timezone-test-to-cet: change the timezone to CET to fix the test failure - CVE-2025-13699: fix directory traversal...

CLSA-2026-1768815310 mariadb: Fix of CVE-2025-13699

timezone-test-to-cet: change the timezone to CET to fix the test failure - CVE-2025-13699: fix directory traversal in mariadb-dump --tab by safely converting table and view names when generating output file paths...

CVE-2025-70746

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-70746

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

Tenda AX1806 security vulnerabilities

The Tenda AX1806 is a WiFi6 wireless router produced by the Chinese company Tenda. The Tenda AX1806 v1.0.0.1 version has a security vulnerability. This vulnerability stems from a stack overflow in the timeZone parameter of the fromSetSysTime function, which may allow for a denial-of-service attac...

📄 AVideo Notify.ffmpeg.json.php Unauthenticated Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in the AVideos notify.ffmpeg.json.php endpoint. The vulnerability stems from a critical cryptographic weakness in the salt generation mechanism combined with information disclosure vulnerabilities that allow an...

CVE-2025-70746

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-70746

CVE-2025-70746 affects Tenda AX-1806 v1.0.0.1. The vulnerability is a stack overflow in the timeZone parameter of the fromSetSysTime function, which can cause a Denial of Service (DoS) when processing a crafted request. The connected sources describe the same issue but do not provide details on a...

PT-2026-3258

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-70746

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2022-26991

Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

DLA-4403-1 tzdata - new timezone database

Bulletin has no description...