Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the webAuthUserInfo parameter within the formAddWebAuthUser function. It could allow attackers ...

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the webAuthUserPwd parameter within the formAddWebAuthUser function. It could allow attackers t...

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the webAuthUserPwd parameter within the formModifyWebAuthUser function, which could allow...

Tenda G0 安全漏洞

Tenda G0 is a router produced by the Chinese company Tenda. The version 15.11.0.5 of Tenda G0 contains a security vulnerability. This vulnerability stems from a buffer overflow in the IPMacBindRule parameter within the formIPMacBindAdd function. It could allow attackers to cause denial-of-service...

Tenda G0 安全漏洞

Tenda G0 is a router produced by the Chinese company Tenda. The version 15.11.0.5 of Tenda G0 contains a security vulnerability. This vulnerability stems from a buffer overflow in the portalAuth parameter of the formPortalAuth function, which could allow attackers to cause denial-of-service attac...

Tenda PW201A 安全漏洞

The Tenda PW201A is a power line network adapter produced by the Chinese company Tenda. Version 1.0.5 of the Tenda PW201A contains a security vulnerability. This vulnerability stems from a buffer overflow in the page parameter within the qossetting function, which could allow attackers to cause...

PT-2026-47888

Name of the Vulnerable Software and Affected Versions Remote Desktop Client affected versions not specified Description A heap-based buffer overflow in the Remote Desktop Client allows an unauthorized attacker to execute code over a network. A heap-based buffer overflow occurs when a program writ...

CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

CVE-2026-9669

The CVE affects Python’s bz2.BZ2Decompressor: objects could be reused after a decompression error, allowing an application that catches OSError and retries with the same decompressor to resume in an invalid internal state and perform out-of-bounds writes to a stack buffer, possibly crashing the p...

CVE-2026-45700

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. The planar bitmap decoder contains an out-of-bounds heap write vulnerability when processing RLE planar data. A remote attacker could exploit this by providing specially crafted RLE planar data, leading to an...

CVE-2026-46294

A flaw was found in the Linux kernel, specifically within the dm-ioctl module. An improper pointer alignment in the retrievestatus function could lead to a buffer overflow, where data is written beyond the allocated buffer. Despite this, the vulnerability has no practical security implications as...

CVE-2026-46294

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

CVE-2026-46281

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

UBUNTU-CVE-2026-46294

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

UBUNTU-CVE-2026-46281

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

CVE-2026-11553

Vulnerability (CVE-2026-11553) affects Tenda HG7HG9 and HG10 models (firmware variant 300001138_en_xpon). The flaw is in the function formPPPEdit in /boaform/formPPPEdit: manipulating the argument encodename causes a stack-based buffer overflow. The issue can be exploited remotely, and public exp...

CVE-2026-34355

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

CVE-2026-34356

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

CVE-2026-11528

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...