CVE-2019-25436

Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to...

Tenda HG9 安全漏洞

The Tenda HG9 is a WiFi router produced by the Chinese company Tenda. The Tenda HG9 300001138 version has a security vulnerability. This vulnerability stems from incorrect handling of parameters “ssid” in the file “Wireless Configuration Endpoint” of the component “boaform/formWlanSetup”, which m...

CVE-2026-2886

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function setdevicename of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to t...

CVE-2026-2886 Tenda A21 SetOnlineDevName set_device_name stack-based overflow

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function setdevicename of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to t...

CVE-2026-2876

A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parsemacfilterrule of the file /goform/setBlackRule. This manipulation of the argument deviceList causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed an...

CVE-2026-2876

CVE-2026-2876 details (Tenda A18) : Affects Tenda A18 firmware version 15.13.07.13. The vulnerability lies in the function parse_macfilter_rule within /goform/setBlackRule, where manipulating the argument deviceList triggers a stack-based buffer overflow. Reported impact indicates high risk to co...

CVE-2026-2873

CVE-2026-2873 affects Tenda A21 firmware (1.0.0.0) where the setSchedWifi function in /goform/openSchedWifi is vulnerable to a stack-based buffer overflow caused by manipulated schedStartTime/schedEndTime arguments. The vulnerability can be triggered remotely, and the exploit is public (exploit m...

CVE-2026-2871

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to th...

CVE-2026-2871

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to th...

CVE-2026-2872

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The...

CVE-2026-2872

CVE-2026-2872 affects the Tenda A21 (firmware 1.0.0.0) via the MAC Filtering Configuration Endpoint. Affects the /goform/setBlackRule function set_device_name; manipulating the devName/mac argument triggers a stack-based buffer overflow. The vulnerability can be exploited remotely; public exploit...

CVE-2026-2872

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The...

CVE-2026-2872 Tenda A21 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The...

CVE-2026-2871

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to th...

CVE-2026-2871

CVE-2026-2871 affects Tenda A21 (firmware 1.0.0.0). The vulnerability is in the function fromSetIpMacBind of the file /goform/SetIpMacBind, where argument-list manipulation causes a stack-based buffer overflow. This allows remote, unauthenticated code execution with high impact to confidentiality...

CVE-2026-2870 Tenda A21 formSetQosBand set_qosMib_list stack-based overflow

A security flaw has been discovered in Tenda A21 1.0.0.0. Affected by this issue is the function setqosMiblist of the file /goform/formSetQosBand. The manipulation of the argument list results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to th...

Deserialization of Untrusted Data

Overview zumba/json-serializer is a Serialize PHP variables, including objects, in JSON format. Support to unserialize it too. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the JsonSerializer::unserialize function. An attacker can execute arbitrary code...

Division by zero

Overview org.webjars.npm:jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RS...

SUSE SLES12 Security Update : libpng16 (SUSE-SU-2026:0583-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0583-1 advisory. - CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Tenable has extracted the preceding description block...

PT-2026-21388

Name of the Vulnerable Software and Affected Versions Tenda A21 version 1.0.0.0 Description A stack-based buffer overflow exists in the form fast setting wifi set function located in the /goform/fast setting wifi set file. Manipulation of the ssid argument can trigger the overflow, allowing for...