CVE-2026-11499 Tenda HG7HG9/HG10 formDOMAINBLK stack-based overflow

A vulnerability was determined in Tenda HG7HG9 and HG10 300001138enxpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overflow. The attack may be performed from remote...

CVE-2026-11498 Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11498 Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11498

CVE-2026-11498 affects Tenda HG7HG9/HG10 devices (Web Management Interface) due to a stack-based buffer overflow in function asp_voip_OtherSet within the /boaform/voip_other_set module. The issue is triggered by manipulating the funckey_transfer parameter and can be exploited remotely over the ne...

H3C Magic R300-2100M - Remote Code Execution

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. id: CVE-2023-33629 info: name: H3C Magic R300-2100M - Remote Code Execution author: DhiyaneshDK severity: high description: | H3C Magic R300 version...

CVE-2026-11413

A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function setmacfilter of the file /sbin/jdcwebrpc. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2026-36789

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

Important: radvd

Issue Overview: Stack Buffer Overflow in radvdump Route Information Option Parser NOTE: https://github.com/radvd-project/radvd/security/advisories/GHSA-52px-gh9p-m379 CVE-2026-48715 Affected Packages: radvd Issue Correction: Run dnf update radvd --releasever 2023.12.20260608 or dnf update...

Amazon Linux 2023 : radvd (ALAS2023-2026-1799)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1799 advisory. Stack Buffer Overflow in radvdump Route Information Option Parser NOTE: https://github.com/radvd-project/radvd/security/advisories/GHSA-52px-gh9p-m379 CVE-2026-48715 Tenable has extracted the preceding...

Important: postgresql

Issue Overview: Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores...

CVE-2026-36786

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36789

CVE-2026-36789 concerns Shenzhen Tenda Technology’s AC1206 (v15.03.06.23). The advisory reports multiple stack overflows in the fromGstDhcpSetSer function triggered via username/password parameters, enabling a Denial of Service through a crafted HTTP request. A CVSS v3.1 base score of 7.5 (HIGH) ...

CVE-2026-36786

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

Amazon Linux 2 : xorg-x11-server, --advisory ALAS2-2026-3336 (ALAS-2026-3336)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3336 advisory. Font Alias Stack-based Buffer Overflow: A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server...

Important: libsolv

Issue Overview: A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable...

PT-2026-47308

A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...

PT-2026-47297

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

TencentOS Server 4: postgresql (TSSA-2026:0343)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0343 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2026-36786

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

EUVD-2026-35076

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...