PT-2026-48206

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36817

CVE-2026-36817 affects Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10. The issue is a buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function, which can be triggered by a crafted HTTP request to cause a Denial of Service (DoS). The CVSS v3.1 vector...

CVE-2026-36801

CVE-2026-36801 concerns Shenzhen Tenda Technology Co., Ltd. Tenda G0 firmware v15.11.0.5, where a buffer overflow in the IPMacBindRule parameter of the formIPMacBindAdd function can be triggered by a crafted HTTP request, leading to a Denial of Service. Affected component/trigger: the vulnerable ...

CVE-2026-36811

CVE-2026-36811 affects Shenzhen Tenda Technology Co., Ltd. — Tenda W15E v15.11.0.10. The issue is a buffer overflow in the picName parameter of the formDelwebAuthPic function, which leads to a Denial of Service (DoS) via a crafted HTTP request. Exploitation details are not provided in the availab...

CVE-2026-36811

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picName parameter of the formDelwebAuthPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36816

Affected product: Shenzhen Tenda Technology Co., Ltd Tenda W15E (firmware v15.11.0.10). Vulnerability: buffer overflow in the wewifiWhiteUserInfo parameter of the formAddWewifiWhiteUser function. Impact: enables an attacker to cause a Denial of Service (DoS) via a crafted HTTP request. Root cause...

CVE-2026-36819

The CVE covers Shenzhen Tenda Technology Co., Ltd Tenda W20E devices (v15.11.0.6). A buffer overflow in the bindMACAddr parameter of the fromSetDhcpRules function is reported, enabling a DoS through a crafted HTTP request. Affected component: W20E firmware; underlying issue: improper input handli...

CVE-2026-36810

CVE-2026-36810 concerns Shenzhen Tenda Technology Co., Ltd. Tenda W15E (v15.11.0.10). A buffer overflow is reported in the gotoUrl parameter of the formPortalAuth function, enabling a Denial of Service (DoS) via a crafted HTTP request. The available documents consistently describe this vulnerabil...

PT-2026-48201

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the gotoUrl parameter of the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

ROS-20260609-73-0004

The vulnerability of the RDP client FreeRDP is related to the escape of operations beyond the buffer in memory due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

ROS-20260609-73-0003

The vulnerability of the RDP client FreeRDP is related to the escape of operations beyond the buffer in memory due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the greybus gb-beagleplay driver. In this driver, the cc1352bootloaderrx function does not check...

QNAP QTS 缓冲区错误漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of QNAP Systems Corporation. QNAP Systems QTS is an entry-level operating system. QNAP Systems QuTS hero is another operating system. Both QNAP Systems QTS and QNAP Systems QuTS hero have security vulnerabilities; these vulnerabilities...

Red Hat 389 Directory Server 缓冲区错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server. This vulnerability stems from the checkPrefix function in the pw.c module, which copies the algorithm ID...

PT-2026-47789

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow exists in the greybus gb-beagleplay component. The cc1352 bootloader rx function appends serdev chunks into a fixed rx buffer before parsing bootloader packets. Because...

Adobe InCopy < 20.5.4 / 21.0 < 21.4.0 Multiple Vulnerabilities Arbitrary code execution (APSB26-59)

The version of Adobe InCopy installed on the remote host is prior to 20.5.4, 21.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-59 advisory. - InCopy versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could...

Adobe Acrobat < 24.001.30383 / 26.001.21662 Multiple Vulnerabilities (APSB26-63) (macOS)

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 24.001.30383 or 26.001.21662. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Stack-based Buffer Overflow vulnerability...

PT-2026-48200

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthWhiteID parameter of the formModifyWebAuthWhiteUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

X.Org Server CheckKeyTypes Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of key...

CVE-2026-36820

Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...