CVE-2025-11385 Tenda AC20 fast_setting_wifi_set sscanf buffer overflow

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fastsettingwifiset. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publi...

EUVD-2025-32699

A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and coul...

CVE-2025-11356

CVE-2025-11356 affects Tenda AC23 (pre-16.03.07.52). The vulnerability is in sscanf within /goform/SetStaticRouteCfg, where input length validation allows a buffer overflow, enabling remote exploitation. Public exploits exist. Remedies include upgrading to a version newer than 16.03.07.52 (per PT...

EUVD-2019-9173

Malware in sbrugna...

EUVD-2019-4320

Malware in sbrugna...

EUVD-2016-6306

Malware in sbrugna...

EUVD-2018-6281

Malware in sbrugna...

PT-2025-40976

Name of the Vulnerable Software and Affected Versions Tenda AC20 versions up to 16.03.08.12 Description A flaw exists in Tenda AC20 that allows remote attackers to trigger a buffer overflow. The issue is located in the sscanf function within the /goform/fast setting wifi set file. The timeZone...

EUVD-2023-43486

Malicious code in bioql PyPI...

EUVD-2022-39289

Malicious code in bioql PyPI...

EUVD-2022-39290

Malicious code in bioql PyPI...

CVE-2025-11091

A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...

CVE-2025-11091 Tenda AC21 SetStaticRouteCfg sscanf buffer overflow

A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...

Tenda AC23 SetPptpServerCfg File sscanf Function Buffer Overflow Vulnerability

Tenda AC23 is a dual-band wireless router from Tenda that supports 802.11acWave2 technology with dual-band concurrent transmission rates up to 2033Mbps, including up to 1733Mbps in the 5GHz band, which is suitable for high-bandwidth applications such as 4K video and online live streaming. Tenda...

CVE-2025-10803

A vulnerability has been found in Tenda AC23 up to 16.03.07.52. Affected by this vulnerability is the function sscanf of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. It is possible to launch the...

CVE-2025-10803 Tenda AC23 HTTP POST Request SetPptpServerCfg sscanf buffer overflow

A vulnerability has been found in Tenda AC23 up to 16.03.07.52. Affected by this vulnerability is the function sscanf of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. It is possible to launch the...

CVE-2025-10803

CVE-2025-10803 affects Tenda AC23 routers up to version 16.03.07.52. The vulnerability is in the HTTP POST Request Handler, specifically the SetPptpServerCfg file where the sscanf function manipulates the startIp parameter, leading to a buffer overflow. This permits remote exploitation. Public di...

UBUNTU-CVE-2022-50407

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' i...

Linux Distros Unpatched Vulnerability : CVE-2025-22082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffe...

CVE-2024-22086

handlerequest in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution...