CVE-2026-7372

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Stack-overflow via...

CVE-2026-7372 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Stack-overflow via...

PT-2026-36741

Name of the Vulnerable Software and Affected Versions GeoVision GV-VMS V20 version 20.0.2 Description A stack overflow exists in the WebCam Server Login functionality. An unauthenticated attacker can send a specially crafted HTTP request to trigger the issue, potentially leading to arbitrary code...

CVE-2026-0640 Tenda AC23 PowerSaveSet sscanf buffer overflow

A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could ...

CVE-2025-15356

The vulnerability CVE-2025-15356 affects Tenda AC20 routers (firmware up to 16.03.08.12). The issue is in the sscanf call in /goform/PowerSaveSet, where improper handling of the arguments powerSavingEn, time, powerSaveDelay, and ledCloseType can lead to a buffer overflow. Remote exploitation is p...

CVE-2025-15356 Tenda AC20 PowerSaveSet sscanf buffer overflow

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit...

CVE-2023-54057

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrsacpihid command-line parameter The 'acpiid' buffer in the parseivrsacpihid function may overflow, because the string specifier in the format string sscanf has no width limitation...

EUVD-2025-175333

A stack-based buffer overflow vulnerability exists in the libshared.so library of Cisco Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The functions getmacfromip and getipfrommac use sscanf with overly permissive "%100s" format specifiers to parse entries from /proc/net/arp into...

CVE-2025-60692

A stack-based buffer overflow vulnerability exists in the libshared.so library of Cisco Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The functions getmacfromip and getipfrommac use sscanf with overly permissive "%100s" format specifiers to parse entries from /proc/net/arp into...

CVE-2025-11356

CVE-2025-11356 affects Tenda AC23 (pre-16.03.07.52). The vulnerability is in sscanf within /goform/SetStaticRouteCfg, where input length validation allows a buffer overflow, enabling remote exploitation. Public exploits exist. Remedies include upgrading to a version newer than 16.03.07.52 (per PT...

CVE-2024-22086

handlerequest in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution...

PT-2025-38424

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack overflow issue was resolved in the crypto/hisilicon/qm module of the Linux kernel. The vulnerability occurs due to insufficient bounds checking during the use of sscanf,...

CVE-2022-36585

In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf...

OracleVM 3.3 : libXfont (OVMSA-2014-0080)

The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2014-0209: integer overflow of allocations in font metadata file parsing bug 1163602, bug 1163601 - CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies bug 1163602, bug...

Oracle Linux 5 / 6 : libxfont (ELSA-2014-0018)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-0018 advisory. 1.4.5-3 - cve-2013-6462.patch: sscanf overflow bug 1049684 - sscanf-hardening.patch: Some other sscanf hardening fixes 1049684 Tenable has extracted the...

libxfont security update

1.4.5-3 - cve-2013-6462.patch: sscanf overflow bug 1049684 - sscanf-hardening.patch: Some other sscanf hardening fixes 1049684...