19 matches found
CVE-2026-7372
CVE-2026-7372 affects GeoVision GV-VMS V20 20.0.2, specifically the WebCam Server Login functionality. A stack overflow is triggered by an unconstrained sscanf when parsing the Authorization string, where username or password extracted content may exceed 40 characters, overwriting the stack. The ...
EUVD-2026-9183
An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addAuthUser function and processed by sscanf without size validation, it could lead to buffer overflow...
EUVD-2026-9184
An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addWewifiWhiteUser function and processed by sscanf without size validation, it could lead to a buffer overflow vulnerability...
CVE-2026-24111
An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addAuthUser function and processed by sscanf without size validation, it could lead to buffer overflow...
CVE-2025-15356 Tenda AC20 PowerSaveSet sscanf buffer overflow
A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit...
EUVD-2025-175300
A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers A720R V4.1.5cu.614B20230630, LR1200GB V9.1.0u.6619B20230130, and NR1800X V9.1.0u.6681B20230703. Both programs parse the contents of /proc/net/arp using sscanf with "%s" format...
Tenda AC20 sscanf function buffer overflow vulnerability
Tenda AC20 is a home router from Tenda. The Tenda AC20 suffers from a buffer overflow vulnerability, which originates from the incorrect operation of the sscanf function parameter timeZone in the file /goform/fastsettingwifiset, for which no detailed vulnerability details are available at this ti...
CVE-2025-11385
A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fastsettingwifiset. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publi...
CVE-2025-11385 Tenda AC20 fast_setting_wifi_set sscanf buffer overflow
A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fastsettingwifiset. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publi...
CVE-2025-11385 Tenda AC20 fast_setting_wifi_set sscanf buffer overflow
A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fastsettingwifiset. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publi...
EUVD-2022-39290
Malicious code in bioql PyPI...
CVE-2025-11091
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...
CVE-2024-22086
handlerequest in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution...
CVE-2024-54808
Netgear WNR854T 1.5.2 North America contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution...
Tenda AC8 Out-of-Bounds Write Vulnerability
Tenda AC8 is a dual gigabit wireless router from Tenda designed for fiber optic homes up to 1000 megabytes, supporting IPv6 protocol with intelligent network management. The Tenda AC8 suffers from an out-of-bounds write vulnerability that stems from the presence of an sscanf issue where the last...
CVE-2023-48194
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing setclientqos, control over the gp register can be obtained...
CVE-2022-36585
In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf...
CVE-2021-46393
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack...
CVE-2019-19555
readtextobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf...