PT-2026-24902

A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

Tenda i12 安全漏洞

The Tenda i12 is a wireless access point produced by the Chinese company Tenda. Version 1.0.0.62204 of the Tenda i12 contains a security vulnerability. This vulnerability stems from an incorrect operation of the parameter index in the function formWifiMacFilterGet within the file...

Tenda i12 安全漏洞

The Tenda i12 is a ceiling-mounted wireless access point produced by the Chinese company Tenda. Version 1.0.0.62204 of the Tenda i12 contains a security vulnerability. This vulnerability stems from an incorrect operation of the parameter cmdinput in the vosstrcpy function within the...

PT-2026-24914

A vulnerability was identified in Tenda W3 1.0.0.32204. This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the component HTTP Handler. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be performed from remote. Th...

PT-2026-24959

A security flaw has been discovered in Tenda i12 1.0.0.62204. Impacted is the function vos strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and...

GPAC 安全漏洞

GPAC is an open-source multimedia framework developed by GPAC. The GPAC 26.03-DEV version contains a security vulnerability, which stems from a stack buffer overflow in the txtinprocesstexml function within the TeXML File Parser component...

PT-2026-24906

A vulnerability was found in Tenda W3 1.0.0.32204. Affected by this issue is the function formSetCfm of the file /goform/setcfm of the component HTTP Handler. The manipulation of the argument funcpara1 results in stack-based buffer overflow. The attack can only be performed from the local network...

PT-2026-25037

Name of the Vulnerable Software and Affected Versions flatted versions prior to 3.4.0 Description flatted is a circular JSON parser. The parse function uses a recursive revive phase to resolve circular references in deserialized JSON. When provided with a crafted payload containing deeply nested ...

CVE-2025-70245

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizardSelectMode...

CVE-2025-70245

CVE-2025-70245 affects D-Link DIR-513 v1.10, vulnerable via the curTime parameter to goform/formSetWizardSelectMode, causing a stack-based buffer overflow. The connected sources consistently describe this as a stack buffer overflow in the specified device/firmware context; no explicit exploit det...

gnutls security update

An update is available for gnutls. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gnutls packages provide the GNU Transport Layer Security GnuTLS library,...

Vulnerabilities fixed in Fortinet FortiManager and FortiAnalyzer

Fortinet has fixed vulnerabilities in FortiAnalyzer and FortiManager including cloud variants. The vulnerability with reference CVE-2025-54820 is in FortiManager. This vulnerability allows a remote unauthenticated malicious person to execute unauthorized commands via a stack-based buffer overflow...

CVE-2025-70249

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard2...

CVE-2025-70244

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanSetup...

CVE-2025-70247

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard1...

CVE-2025-70242

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formSetWanPPTP...

CVE-2025-70251

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanGuestSetup...

CVE-2025-70246

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formVirtualServ...

SUSE CVE-2026-28494

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-siz...

SUSE CVE-2026-28690

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data...