Lucene search
K

29 matches found

Redos
Redos
added 2026/03/19 12:0 a.m.5 views

ROS-20260319-73-0003

A vulnerability in the netsetvlan function of the Network module of the Grub2 operating system loader is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

4.9CVSS5.8AI score0.00127EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/31 7:7 a.m.10 views

CVE-2025-15230

A vulnerability was found in Tenda M3 1.0.0.134903. Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing a manipulation of the argument qvlantruckport results in heap-based buffer overflow. Remote exploitation of the attack is possible. The...

9CVSS8.3AI score0.00619EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/31 7:7 a.m.7 views

CVE-2025-15231

A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...

9CVSS8.9AI score0.00632EPSS
Exploits1References1
NVD
NVD
added 2025/12/30 7:15 a.m.4 views

CVE-2025-15231

A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...

9CVSS0.00632EPSS
Exploits1References5
OSV
OSV
added 2025/12/30 7:15 a.m.3 views

CVE-2025-15231

A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...

8.7CVSS6.4AI score
Exploits0References5
Cvelist
Cvelist
added 2025/12/30 7:2 a.m.25 views

CVE-2025-15231 Tenda M3 setVlanInfo formSetRemoteVlanInfo stack-based overflow

A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...

9CVSS0.00632EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/30 7:2 a.m.6 views

CVE-2025-15231 Tenda M3 setVlanInfo formSetRemoteVlanInfo stack-based overflow

A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...

9CVSS8.8AI score0.00632EPSS
Exploits1References5
CVE
CVE
added 2025/12/30 7:2 a.m.11 views

CVE-2025-15231

CVE-2025-15231 affects Tenda M3 router (version 1.0.0.13(4903)). The vulnerability is a stack-based buffer overflow in the function formSetRemoteVlanInfo within /goform/setVlanInfo caused by manipulating the ID/vlan/port parameters. Exploitation can be performed remotely and public exploit detail...

9CVSS8.9AI score0.00632EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/12/30 7:2 a.m.4 views

CVE-2025-15231

A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...

9CVSS6.2AI score0.00632EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/12/30 6:32 a.m.6 views

CVE-2025-15230

A vulnerability was found in Tenda M3 1.0.0.134903. Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing a manipulation of the argument qvlantruckport results in heap-based buffer overflow. Remote exploitation of the attack is possible. The...

9CVSS5.7AI score0.00619EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2025/12/30 6:32 a.m.11 views

CVE-2025-15230

The CVE-2025-15230 entry affects Tenda M3 1.0.0.13(4903). The vulnerability resides in the /goform/setVlanPolicyData::formSetVlanPolicy function, where manipulating the qvlan_truck_port argument causes a heap-based buffer overflow. Remote exploitation is possible, and an exploit has been publicly...

9CVSS8.3AI score0.00619EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.6 views

PT-2025-53850

Name of the Vulnerable Software and Affected Versions Tenda M3 version 1.0.0.134903 Description A flaw exists in the Tenda M3 router that could allow for remote code execution. The issue is due to a stack-based buffer overflow within the formSetRemoteVlanInfo function, located in the...

9CVSS9.2AI score0.00632EPSS
Exploits1References12
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.4 views

Tenda M3 安全漏洞

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the incorrect operation of the parameters ID, vlan and port in...

9CVSS7.7AI score0.00632EPSS
Exploits1References5
SUSE Linux
SUSE Linux
added 2025/11/24 10:54 a.m.5 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-free bsc1252930 CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 CVE-2025-61661: Fixed out-of-bounds write in...

4.9CVSS7.4AI score0.0019EPSS
Exploits0References32
Microsoft CVE
Microsoft CVE
added 2025/11/21 1:3 a.m.8 views

Grub2: use-after-free in net_set_vlan

...

4.9CVSS7AI score0.00127EPSS
Exploits0
EUVD
EUVD
added 2025/11/18 9:32 p.m.5 views

EUVD-2025-198077

A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...

4.9CVSS6.5AI score0.00127EPSS
Exploits0References4
OSV
OSV
added 2025/11/18 7:15 p.m.3 views

DEBIAN-CVE-2025-54770

A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...

4.9CVSS5.4AI score0.00127EPSS
Exploits0References1
NVD
NVD
added 2025/11/18 7:15 p.m.4 views

CVE-2025-54770

A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...

4.9CVSS0.00127EPSS
Exploits0References4
OSV
OSV
added 2025/11/18 7:15 p.m.6 views

UBUNTU-CVE-2025-54770

A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...

4.9CVSS5.8AI score0.00127EPSS
Exploits0References4
CVE
CVE
added 2025/11/18 6:30 p.m.57 views

CVE-2025-54770

CVE-2025-54770 is a Use-After-Free in GRUB2’s network module (net_set_vlan) triggered when the network module is unloaded, allowing a local attacker to access freed memory and cause a DoS crash. Connected advisories (ALAS/OpenSUSE/SUSE) confirm this issue across grub2 packages and list affected r...

4.9CVSS6.7AI score0.00127EPSS
Exploits0References4
Rows per page
Query Builder