16585 matches found
CVE-2026-36811
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picName parameter of the formDelwebAuthPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36798
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple stack overflows in the formSetDebugCfgr function via the enable, level, and module parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36803
Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the qossetting function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36802
Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the SafeMacFilter function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
PT-2026-48199
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36784
Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.54180 was discovered to contain a stack overflow in the ip parameter of the fromNetToolGet function. This vulnerability allows attackers to cause a Denial of Service DoS via a HTTP request...
CVE-2026-36819
The CVE covers Shenzhen Tenda Technology Co., Ltd Tenda W20E devices (v15.11.0.6). A buffer overflow in the bindMACAddr parameter of the fromSetDhcpRules function is reported, enabling a DoS through a crafted HTTP request. Affected component: W20E firmware; underlying issue: improper input handli...
CVE-2026-36796
CVE-2026-36796 affects Shenzhen Tenda Technology Co., Ltd Tenda G0 firmware v15.11.0.5. The issue is a stack overflow in the picCropName parameter of the formCropAndSetWewifiPic function, enabling a remote attacker to trigger Denial of Service via a crafted HTTP request. CVSS v3.1 metrics indicat...
CVE-2026-36801
CVE-2026-36801 concerns Shenzhen Tenda Technology Co., Ltd. Tenda G0 firmware v15.11.0.5, where a buffer overflow in the IPMacBindRule parameter of the formIPMacBindAdd function can be triggered by a crafted HTTP request, leading to a Denial of Service. Affected component/trigger: the vulnerable ...
ROS-20260609-73-0007
The vulnerability of the ngxhttprewritemodule module in NGINX Plus and NGINX Open Source web servers is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a denial-of-service attack by sending a specially crafte...
CVE-2026-36783
Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.54180 was discovered to contain a stack overflow in the domain parameter of the fromNetToolGet function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36805
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple buffer overflows in the Saveqqlist function via the qqStr and markStr parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...
EulerOS 2.0 SP11 : libsoup (EulerOS-SA-2026-2251)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in th...
EulerOS 2.0 SP11 : libsoup (EulerOS-SA-2026-2213)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in th...
CVE-2026-36822
CVE-2026-36822 affects Shenzhen Tenda Technology Co., Ltd. Tenda W20E v15.11.0.6. The issue is a buffer overflow in the macAddr parameter of the formDelStaState function, enabling a Denial of Service via a crafted HTTP request. No exploitation specifics or mitigations are provided in the document...
CVE-2026-36818
The CVE-2026-36818 records a buffer overflow in Shenzhen Tenda Technology Co., Ltd’s Tenda W20E (v15.11.0.6) in the wewifiWhiteUserInfo parameter of the formAddWewifiWhiteUser function. This vulnerability enables a Denial of Service via a crafted HTTP request. The root cause, as reported across s...
Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)
Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component...
Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)
Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component...
Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)
Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Vulnerabilit...
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)
Summary IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Vulnerability...