61495 matches found
CVE-2026-34124 Denial of Service via Path Expansion Overflow in HTTP Service in TP-Link Tapo C520WS
A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces length restrictions on the raw request path but does not account for path expansion performed during normalization. An attacker on the adjacent...
CVE-2026-34124 Denial of Service via Path Expansion Overflow in HTTP Service in TP-Link Tapo C520WS
A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces length restrictions on the raw request path but does not account for path expansion performed during normalization. An attacker on the adjacent...
CVE-2026-34122 Stack-based Buffer Overflow Leading to Denial of Service in TP-Link Tapo C520WS
A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vulnerability by supplying an excessively long value for a vulnerable configuration parameter,...
CVE-2026-34122 Stack-based Buffer Overflow Leading to Denial of Service in TP-Link Tapo C520WS
A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vulnerability by supplying an excessively long value for a vulnerable configuration parameter,...
CVE-2026-34122
A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vulnerability by supplying an excessively long value for a vulnerable configuration parameter,...
CVE-2026-34121
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an...
CVE-2026-34121 Authentication Bypass in DS Configuration Service via HTTP Request Parsing Differential of TP-Link Tapo C520WS
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an...
CVE-2026-34121 Authentication Bypass in DS Configuration Service via HTTP Request Parsing Differential of TP-Link Tapo C520WS
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an...
CVE-2026-34120 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...
CVE-2026-34120 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...
CVE-2026-34120
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...
CVE-2026-34120
The vulnerability CVE-2026-34120 affects TP-Link Tapo C520WS (v2.6). A heap-based buffer overflow occurs in the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs. An attacker on the same network se...
CVE-2026-34119
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write‑boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An...
CVE-2026-34119
CVE-2026-34119 — TP-Link Tapo C520WS (v2.6) shows a heap-based buffer overflow in the HTTP parsing loop when appending segmented request bodies, due to insufficient boundary validation for externally supplied HTTP input. The issue can allow heap memory corruption on the device when an attacker on...
CVE-2026-34118 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...
CVE-2026-34118 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...
CVE-2026-34118
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...
CVE-2026-27774
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42902...
CVE-2026-27774
CVE-2026-27774 affects Acronis True Image for Windows prior to build 42902. The issue is a DLL hijacking vulnerability that leads to local privilege escalation. Documentation lists the root cause as DLL search/loading issues; attack vector is local with high confidentiality/integrity/availability...
CVE-2025-40246
creationtimestamp| type| source ---|---|--- 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/ 2026-04-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities20260408...