Lucene search
+L

64 matches found

cvelist
cvelist
added 2026/06/24 4:28 p.m.37 views

CVE-2026-52974 net: tls: fix strparser anchor skb leak on offload RX setup failure

In the Linux kernel, the following vulnerability has been resolved: net: tls: fix strparser anchor skb leak on offload RX setup failure When tlssetdeviceoffloadrx fails at tlsdevadd, the error path calls tlsswfreeresourcesrx to clean up the SW context that was initialized by tlssetswoffload. This...

7.5CVSS0.00506EPSS
Exploits0References6
bdu_fstec
bdu_fstec
added 2026/05/13 12:0 a.m.4 views

The vulnerability of the SetDeviceSettings() function in D-Link DCS-935L wireless HD cameras’ microprogramming software allows a intruder to execute arbitrary code.

The vulnerability of the SetDeviceSettings function in D-Link DCS-935L wireless HD cameras’ microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9CVSS7.4AI score0.00997EPSS
Exploits2References2Affected Software1
cnnvd
cnnvd
added 2026/05/11 12:0 a.m.11 views

D-Link DCS-935L 缓冲区错误漏洞

The D-Link DCS-935L is a router produced by D-Link Corporation. Versions of the D-Link DCS-935L prior to 1.10.01 contain a buffer error vulnerability. This vulnerability stems from the operation of the AdminPassword parameter in the SetDeviceSettings function within the HNAP Service component,...

9CVSS7.7AI score0.00997EPSS
Exploits2References2
redhatcve
redhatcve
added 2026/02/22 7:11 p.m.11 views

CVE-2026-2872

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The...

9CVSS8.5AI score0.00568EPSS
Exploits1References1
osv
osv
added 2026/02/21 9:16 p.m.6 views

CVE-2026-2886

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function setdevicename of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to t...

8.8CVSS6.3AI score0.00556EPSS
Exploits1References5
osv
osv
added 2026/02/21 4:16 p.m.6 views

CVE-2026-2872

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The...

8.8CVSS6.3AI score0.00568EPSS
Exploits1References5
attackerkb
attackerkb
added 2026/02/21 4:2 p.m.6 views

CVE-2026-2872

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The...

9CVSS6.1AI score0.00568EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2026/02/21 4:2 p.m.30 views

CVE-2026-2872 Tenda A21 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The...

9CVSS0.00568EPSS
Exploits1References5
redhatcve
redhatcve
added 2026/02/10 1:23 a.m.6 views

CVE-2026-2185

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be...

9CVSS6.2AI score0.00688EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/02/08 8:32 p.m.8 views

CVE-2026-2185

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be...

9CVSS8.7AI score0.00688EPSS
Exploits1References5Affected Software1
euvd
euvd
added 2026/02/08 8:32 p.m.6 views

EUVD-2026-5765

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be...

9CVSS6.3AI score0.00688EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2026/02/08 8:32 p.m.6 views

CVE-2026-2185 Tenda RX3 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be...

9CVSS6.2AI score0.00688EPSS
Exploits1References5
cvelist
cvelist
added 2026/02/08 8:32 p.m.37 views

CVE-2026-2185 Tenda RX3 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be...

9CVSS0.00688EPSS
Exploits1References5
nessus
nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001060)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001060 advisory. Race condition in the ttyioctl function in drivers/tty/ttyio.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memor...

6.8CVSS6.8AI score0.00382EPSS
Exploits0References31
osv
osv
added 2025/10/07 3:21 p.m.7 views

CVE-2022-50547 media: solo6x10: fix possible memory leak in solo_sysfs_init()

In the Linux kernel, the following vulnerability has been resolved: media: solo6x10: fix possible memory leak in solosysfsinit If deviceregister returns error in solosysfsinit, the name allocated by devsetname need be freed. As comment of deviceregister says, it should use putdevice to give up th...

5.5CVSS6.5AI score0.0019EPSS
Exploits0References12
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-47108

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00815EPSS
Exploits1References1
cnvd
cnvd
added 2025/09/29 12:0 a.m.5 views

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23370)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that stems from a misuse of the parameter mac in the file /goform/setdevicename, which can be exploited by an attacker to cause remote command injection...

8.8CVSS7AI score0.04125EPSS
Exploits1References1
nvd
nvd
added 2025/09/28 5:15 a.m.8 views

CVE-2025-11097

A vulnerability has been found in D-Link DIR-823X 250416. Impacted is an unknown function of the file /goform/setdevicename. The manipulation of the argument mac leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be...

8.8CVSS0.04125EPSS
Exploits1References5
cve
cve
added 2025/09/28 5:2 a.m.20 views

CVE-2025-11097

CVE-2025-11097 affects D-Link DIR-823X firmware 250416. The root cause is a command injection in the /goform/set_device_name handler caused by manipulating the mac parameter. The vulnerability is exploitable remotely and has been publicly disclosed. Multiple sources (NVD, Red Hat, CNVD, CNVD) cor...

8.8CVSS6.7AI score0.04125EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2025/09/28 5:2 a.m.25 views

CVE-2025-11097 D-Link DIR-823X set_device_name command injection

A vulnerability has been found in D-Link DIR-823X 250416. Impacted is an unknown function of the file /goform/setdevicename. The manipulation of the argument mac leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be...

6.5CVSS0.04125EPSS
Exploits1References5
Rows per page
Query Builder