CVE-2026-24111

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addAuthUser function and processed by sscanf without size validation, it could lead to buffer overflow...

EUVD-2018-6281

Malware in sbrugna...

CVE-2025-10803

CVE-2025-10803 affects Tenda AC23 routers up to version 16.03.07.52. The vulnerability is in the HTTP POST Request Handler, specifically the SetPptpServerCfg file where the sscanf function manipulates the startIp parameter, leading to a buffer overflow. This permits remote exploitation. Public di...

UBUNTU-CVE-2024-38560

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is...

snplog.bof.txt

Date: Tue, 16 Feb 1999 00:42:49 +0000 From: Rupert Weber-Henschel To: [email protected] Subject: snplog-1.0 buffer overflow There is a possible buffer overflow in snplog-1.0. Or is it 0.1? The tar file is 0.1, the docs say 1.0. % snplog contains tcplogd, icmplogd, udplogd The offending code is...