CVE-2025-70240

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard51...

EUVD-2025-208247

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution...

CVE-2025-70239

Mode C: CVE-2025-70239 affects D-Link DIR-513 v1.10. The vulnerability is a stack buffer overflow in the goform/formSetWAN_Wizard55 handler triggered by the curTime parameter. Public sources consistently identify the affected product and vulnerable component as DIR-513, version 1.10, with the iss...

CVE-2025-70234

CVE-2025-70234 concerns a stack buffer overflow in D-Link DIR-513 v1.10, triggered by the curTime parameter in the endpoint goform/formSetQoS. CNVD-2026-16146 and RH/OSV entries describe potential arbitrary code execution or denial of service due to improper input length validation of the curTime...

CVE-2025-70241

CVE-2025-70241 is a stack buffer overflow in D-Link DIR-513 v1.10 exploitable via the curTime parameter to goform/formSetWANType_Wizard5. Public details identify an impacted device and vulnerable component, with network-based access and no user interaction required, and a high to critical impact ...

CVE-2025-70237

CVE-2025-70237 affects D-Link DIR-513 (v1.10). The issue is a stack buffer overflow in the handling of the curTime parameter passed to goform/formSetPortTr, allowing potential control-flow disruption. Multiple sources describe this vulnerability as enabling arbitrary code execution or a denial of...

EUVD-2025-208265

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard55...

PT-2026-22841

Name of the Vulnerable Software and Affected Versions Underscore.js versions prior to 1.13.8 Description Underscore.js, a JavaScript utility-belt library, contains an issue in the .flatten and .isEqual functions. These functions utilize recursion without a depth limit, potentially leading to a...

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function

A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...

SUSE CVE-2025-61144

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function...

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

Tenda AC6 安全漏洞

Tenda AC6 is a wireless router produced by the Chinese company Tenda. The Tenda AC6V2.0 V15.03.06.23multi version has a security vulnerability. This vulnerability stems from the lack of size checking in the/goform/WifiWpsStart component, which may lead to a stack overflow issue...

Tenda AC15 安全漏洞

The Tenda AC15 is a wireless router produced by the Chinese company Tenda. Versions of the Tenda AC15 starting from 15.13.07.13 and earlier have a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/TextEditingConversion, specifically...

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

PT-2026-22622

Name of the Vulnerable Software and Affected Versions Tenda AC6V2.0 version 15.03.06.23 multi Description An issue exists in the /goform/WifiWpsStart component of the software. The index and mode parameters are controllable. When specific conditions are met during the sprintf function call, these...

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

CVE-2025-70252

CVE-2025-70252 affects Tenda AC6V2.0 (V15.03.06.23_multi). The vulnerability is in /goform/WifiWpsStart where the parameters index and mode are controllable. When certain conditions meet during an sprintf, data are spliced into a temporary buffer without size checking, leading to a stack overflow...