CVE-2025-11091 Tenda AC21 SetStaticRouteCfg sscanf buffer overflow

A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...

Tenda G3 安全漏洞

Tenda G3 is a Qos Vpn router from Tenda, China. A security vulnerability exists in the Tenda G3 firmware version USG3V3.0brV15.11.0.67663ENTDE, which originates from a buffer overflow due to sscanf in the addDhcpRule function in its httpd binary component...

ALPINE-CVE-2021-22925

curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEWENV variables, libcurlcould be made to pass on uninitialized data from a stack based...

DEBIAN-CVE-2019-9718

In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkuptoass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

Wireshark BER Parser Denial of Service Vulnerability

Wireshark is the most popular network protocol parser. In Wireshark versions 2.0.x before 2.0.1 and 1.12.x before 1.12.9, the function dissectberGeneralizedTime within epan/dissectors/packet-ber.c in the BER parser does not correctly check the sscanf return value by constructing a packet, a remot...

UBUNTU-CVE-2015-7176

The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impa...