33868 matches found
DHCP Client Service Remote Code Execution Vulnerability
Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network...
CVE-2026-11793 389-ds-base: 389-ds-base: stack buffer overflow in checkprefix() algorithm id parsing
A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...
CVE-2026-11793
CVE-2026-11793 describes a stack buffer overflow in 389 Directory Server’s 389-ds-base. The vulnerability occurs in the checkPrefix() function in pw.c, which copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute...
EUVD-2026-35423
A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...
CVE-2026-11793
A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...
CVE-2026-11499
A vulnerability was determined in Tenda HG7HG9 and HG10 300001138enxpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overflow. The attack may be performed from remote...
Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to xmldom (CVE-2026-41672, CVE-2026-41673, CVE-2026-41674 & CVE-2026-41675)
Summary IBM App Connect Enterprise Connector Discovery and OpenAPI Editor, IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise runtime are vulnerable to multiple vulnerabilities due to xmldom. Vulnerability Details CVEID:CVE-2026-41672 DESCRIPTION: xmldom is a pure...
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb key types due to unchecked shift levels
...
CVE-2026-36786
Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36789
Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...
Adobe Reader < 26.001.21662 Multiple Vulnerabilities (APSB26-63) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 26.001.21662. It is, therefore, affected by multiple vulnerabilities. - Stack-based Buffer Overflow CWE-121 potentially leading to Arbitrary code execution CVE-2026-47959 - Out-of-bounds Write CWE-787 potentially...
CVE-2026-36796
CVE-2026-36796 affects Shenzhen Tenda Technology Co., Ltd Tenda G0 firmware v15.11.0.5. The issue is a stack overflow in the picCropName parameter of the formCropAndSetWewifiPic function, enabling a remote attacker to trigger Denial of Service via a crafted HTTP request. CVSS v3.1 metrics indicat...
CVE-2026-36798
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple stack overflows in the formSetDebugCfgr function via the enable, level, and module parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36797
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a stack overflow in the IPMacBindRuleIp parameter of the formIPMacBindModify function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36779
Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.54180 was discovered to contain multiple stack overflows in the fromVirtualSer function via the puVar2, puVar1, s2, s100, and puVar3 parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted...
CVE-2026-36778
Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.54180 was discovered to contain a stack overflow in the username parameter of the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36791
The CVE-2026-36791 entry affects Shenzhen Tenda Technology Co., Ltd. Tenda O3v3 v1.0.0.5, where a stack overflow in the save_list_data parameter of the formSetCfm function could allow a crafted HTTP request to cause a Denial of Service. Affected component: the save_list_data handling within formS...
CVE-2026-36792
Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the wlradio parameter of the formWifiRadioSet function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36791
Shenzhen Tenda Technology Co., Ltd Tenda O3v3 v1.0.0.5 was discovered to contain a stack overflow in the savelistdata parameter of the formSetCfm function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
PT-2026-48188
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a stack overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...