CVE-2026-11499

CVE-2026-11499 affects Tenda HG7HG9/HG10 with version 300001138_en_xpon. The vulnerability is in the function formDOMAINBLK of the file /boaform/formDOMAINBLK. A crafted manipulation of the blkDomain argument leads to a stack-based buffer overflow. The advisory notes this can be exploited remotel...

EUVD-2026-35028

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11498

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

OSV-2026-886 Heap-buffer-overflow in ihevcd_fmt_conv

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520748344 Crash type: Heap-buffer-overflow WRITE 8 Crash state: ihevcdfmtconv ihevcddecode Codec::decodeFrame...

PT-2026-47438

Name of the Vulnerable Software and Affected Versions Tenda F451 versions 1.0.0.7 through 1.0.0.9 Description A stack-based buffer overflow exists in the Web Management Interface. This issue occurs within the fromNatlimit function located in the /goform/Natlimit file. A remote attacker can trigge...

PT-2026-47291

Name of the Vulnerable Software and Affected Versions UTT HiPER 2610G versions prior to 3.0.0-171107 Description A remote buffer overflow can occur due to the use of the strcpy function within the /goform/formConfigDnsFilterGlobal file. This issue is triggered by manipulating the GroupName...

TencentOS Server 4: libvncserver (TSSA-2026:0429)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0429 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Amazon Linux 2 : perl, --advisory ALAS2-2026-3352 (ALAS-2026-3352)

The version of perl installed on the remote host is prior to 5.16.3-299. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3352 advisory. Buffer overflow in Perlstudychunk CVE-2026-8376 Tenable has extracted the preceding description block directly from the tested...

Amazon Linux 2 : libsolv, --advisory ALAS2-2026-3338 (ALAS-2026-3338)

The version of libsolv installed on the remote host is prior to 0.6.34-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3338 advisory. A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker- controlled compressed...

PT-2026-47316

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.68 Description A buffer overflow occurs in the mod proxy html module, which can be triggered by an untrusted backend. Recommendations Upgrade to version 2.4.68...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a buffer overflow vulnerability, which stems from excessive reading and writing operations related to Media...

Tenda F451 缓冲区错误漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Versions 1.0.0.7 and 1.0.0.9 of the Tenda F451 contain buffer overflow vulnerabilities. These vulnerabilities stem from improper handling of the parameter “page” in the fromNatlimit function within the Web Management...

Tenda多款产品 缓冲区错误漏洞

Tenda HG10, etc., are products of the Chinese company Tenda. The Tenda HG10 is a fiber-optic router. The Tenda HG9 is a WiFi router. The Tenda HG7 is a dual-band Wi-Fi fiber network terminal device. Several Tenda products have a buffer error vulnerability. This vulnerability stems from improper...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a buffer overflow issue during the processing of dm-ioctl commands. This vulnerability could lead...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a buffer overflow in the vreallocnode Align function, potentially leading to memory corruption...

Tenda W20E 缓冲区错误漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a buffer overflow vulnerability. This vulnerability stems from improper handling of the parameter “wifiFilterListRemark” in the modifyWifiFilterRules function within the Web Manageme...

Tenda W20E 缓冲区错误漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a buffer overflow vulnerability. This vulnerability stems from the operation of the formSetPortMirror function in the goform/setPortMirror file, specifically regarding the parameter...

UTT HiPER 2610G 缓冲区错误漏洞

UTT HiPER 2610G is a high-end router designed for small and medium-sized enterprise networks by UTT Corporation. Versions of UTT HiPER 2610G 3.0.0-171107 and earlier contain a buffer overflow vulnerability. This vulnerability stems from the strcopy function in the...

UTT HiPER 2610G 缓冲区错误漏洞

UTT HiPER 2610G is a high-end router designed for small and medium-sized enterprise networks by UTT Corporation. Versions of UTT HiPER 2610G 3.0.0-171107 and earlier contain a buffer overflow vulnerability. This vulnerability stems from the strcpy function in the file/goform/formNatStaticMap, whi...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in length calculation within the extractkvectosg function, potentially leading to a buff...