Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

561 matches found

CVE
CVEadded 2026/05/05 5:30 p.m.16 views

CVE-2026-7851

CVE-2026-7851 affects D-Link DI-8100 (version 16.07.26A1). The vulnerability is in the function sprintf within the file yyxz.asp, where manipulation of the ID argument causes a stack-based buffer overflow. Attack is described as remotely exploitable, and exploit code is publicly available. The pr...

8.6CVSS7.7AI score0.00167EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologiesadded 2026/05/05 12:0 a.m.4 views

PT-2026-37223

Name of the Vulnerable Software and Affected Versions D-Link DI-8100 version 16.07.26A1 Description A buffer overflow exists in the CGI Handler component within the /user group.asp file. This issue occurs in the sprintf function and can be triggered remotely through manipulation. Recommendations ...

9CVSS7.2AI score0.00167EPSS
Exploits1References13
Xen Project
Xen Projectadded 2026/04/28 12:0 p.m.4 views

Linux kernel out of bounds read via Xen-related sysfs file

ISSUE DESCRIPTION The Linux sysfs file /sys/hypervisor/properties/buildid does not contain printable information, but a binary value of typically 16 or 20 bytes, which is not terminated by a zero byte. The kernel driver making this information available is using the sprintf function for writing t...

7.8CVSS5.5AI score0.00006EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2026/03/26 3:13 p.m.1 views

CVE-2026-25790

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...

7.2CVSS6.3AI score0.0018EPSS
Exploits1References1
NVD
NVDadded 2026/03/17 7:16 p.m.3 views

CVE-2026-25790

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...

7.2CVSS0.0018EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/03/17 6:41 p.m.1 views

CVE-2026-25790

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...

4.9CVSS6.3AI score0.0018EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2026/03/17 6:41 p.m.9 views

CVE-2026-25790

CVE-2026-25790 affects Wazuh prior to 4.14.3 (from 3.9.0 up to but excluding 4.14.3). The issue is a stack-based buffer overflow in the Security Configuration Assessment (SCA) decoder used by wazuh-analysisd, caused by unbounded use of sprintf with a floating-point value into a 128-byte stack buf...

7.2CVSS6.3AI score0.0018EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2026/03/17 6:41 p.m.2 views

CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...

4.9CVSS6.3AI score0.0018EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/03/17 6:41 p.m.0 views

CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...

4.9CVSS6.3AI score0.0018EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/03/03 1:48 a.m.4 views

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

7.5CVSS6AI score0.00025EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/03/03 1:48 a.m.4 views

CVE-2026-24113

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

9.8CVSS6.2AI score0.00082EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/03/03 1:48 a.m.4 views

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

9.8CVSS6.2AI score0.00082EPSS
Exploits1References1
OSV
OSVadded 2026/03/02 3:16 p.m.3 views

CVE-2026-24113

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

9.8CVSS6.1AI score0.00082EPSS
Exploits1References2
NVD
NVDadded 2026/03/02 3:16 p.m.3 views

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

9.8CVSS0.00082EPSS
Exploits1References2
OSV
OSVadded 2026/03/02 3:16 p.m.3 views

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

9.8CVSS6.1AI score0.00082EPSS
Exploits1References2
NVD
NVDadded 2026/03/02 3:16 p.m.3 views

CVE-2026-24108

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

9.8CVSS0.00082EPSS
Exploits1References2
NVD
NVDadded 2026/03/02 3:16 p.m.4 views

CVE-2026-24113

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

9.8CVSS0.00082EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2026/03/02 12:0 a.m.4 views

PT-2026-22596

Name of the Vulnerable Software and Affected Versions Tenda W20E version 4.0br V15.11.0.6 Description An issue exists in the Tenda W20E router firmware. Attackers can exploit this issue by controlling the picName variable. The picName value is used in the sprintf function without proper size...

10CVSS6.1AI score0.00082EPSS
Exploits1References11
CVE
CVEadded 2026/03/02 12:0 a.m.10 views

CVE-2026-24109

CVE-2026-24109 affects the Tenda W20E router firmware (V4.0br_V15.11.0.6). The issue is a buffer overflow caused by unsafely using the value of the variable picName in sprintf without validating its size, which may allow remote attackers to exploit via network access. Documented impacts are high ...

9.8CVSS6.2AI score0.00082EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/03/02 12:0 a.m.2 views

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

9.8CVSS6.2AI score0.00082EPSS
Exploits1References3
Rows per page
Query Builder