1454 matches found
PT-2026-29045
Name of the Vulnerable Software and Affected Versions ZTE ZXHN H188A versions V6.0.10P2 TE through V6.0.10P3N3 TE Description An issue exists that allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface. These credentials...
CVE-2026-34472
Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...
CVE-2026-4960
A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...
CVE-2026-4960
A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...
CVE-2026-4960 Tenda AC6 POST Request WizardHandle fromWizardHandle stack-based overflow
A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...
CVE-2026-4960 Tenda AC6 POST Request WizardHandle fromWizardHandle stack-based overflow
A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...
CVE-2026-4906
A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed...
CVE-2026-4906 Tenda AC5 POST Request WizardHandle decodePwd stack-based overflow
A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed...
Tenda AC5 安全漏洞
Tenda AC5 is a wireless router produced by the Chinese company Tenda. Version 15.03.06.47 of Tenda AC5 contains a security vulnerability. This vulnerability stems from improper handling of parameters WANT/WANS in files located at goform/WizardHandle, which may lead to a stack buffer overflow...
Tenda AC6 安全漏洞
Tenda AC6 is a wireless router produced by the Chinese company Tenda. Version 15.03.05.16 of Tenda AC6 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters WANT/WANS in files or the goform/WizardHandle module, which may lead to a stack-based buffer...
CVE-2026-4195
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file...
CVE-2026-2992
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization on the /wp-json/kivicare/v1/setup-wizard/clinic REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated...
CVE-2019-25633
AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...
CVE-2026-4761 Unnecessary permissions on private keys of certificates installed by Network and Security Wizard
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...
EUVD-2019-20006
AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...
EUVD-2019-20002
AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences...
CVE-2019-25631
AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences...
CVE-2019-25633
AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...
CVE-2019-25633 AIDA64 Extreme 5.99.4900 SEH Buffer Overflow via EggHunter
AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...
CVE-2019-25633
CVE-2019-25633 affects AIDA64 Extreme 5.99.4900. A structured exception handling buffer overflow via the email preferences and report wizard interfaces allows a local attacker to execute arbitrary code by supplying crafted input. Specifically, payloads injected into the Display name field and via...