CVE-2026-2855

CVE-2026-2855 affects D-Link DWR-M960 firmware version 1.01.07. The vulnerability stems from the function sub_4648F0 in the DDNS Settings Handler, specifically in the /boafrm/formDdns file. Manipulation of the submit-url argument can trigger a stack-based buffer overflow, enabling remote exploita...

CVE-2026-2855

A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit ha...

CVE-2026-2855 D-Link DWR-M960 DDNS Settings formDdns sub_4648F0 stack-based overflow

A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit ha...

CVE-2026-2855 D-Link DWR-M960 DDNS Settings formDdns sub_4648F0 stack-based overflow

A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit ha...

CVE-2026-2854 D-Link DWR-M960 NTP Configuration Endpoint formNtp sub_4611CC stack-based overflow

A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub4611CC of the file /boafrm/formNtp of the component NTP Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The...

CVE-2026-2854

DVE-2026-2854 affects D-Link DWR-M960 firmware 1.01.07. The flaw is in the NTP Configuration Endpoint, specifically the sub_4611CC function in /boafrm/formNtp, where manipulating the submit-url argument can trigger a stack-based buffer overflow. Remote exploitation is possible, with exploit resea...

CVE-2026-2853

CVE-2026-2853 affects D-Link DWR-M960 firmware 1.01.07, specifically the System Log Configuration Endpoint’s function sub_462E14 in /boafrm/formSysLog. A manipulation of the submit-url argument causes a stack-based buffer overflow, with remote execution potential. The vulnerability is publicly ex...

CVE-2026-2853

A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...

PT-2026-21287

A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub 462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...

PT-2026-21296

A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub 424AFC of the file /boafrm/formFilter of the component Filter Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be...

D-Link DWR-M960 安全漏洞

The D-Link DWR-M960 is a router produced by D-Link Corporation. The D-Link DWR-M960 version 1.01.07 has a security vulnerability. This vulnerability stems from a malfunction in the sub4611CC function within the NTP Configuration Endpoint component, which involves incorrect handling of the...

CVE-2026-27014 NanZip has ROMFS Archive Infinite Loop / Stack Overflow

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

CVE-2026-27014

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

CVE-2026-27014

CVE-2026-27014 affects NanaZip’s ROMFS archive parser. From the provided records, versions before 6.0.1630.0 (specifically starting 5.0.1252.0 up to

CVE-2026-27014 NanZip has ROMFS Archive Infinite Loop / Stack Overflow

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2026-1536: Always validate the headers value when coming from untrusted source to avoid HTTP header injection bsc1257440. CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow...

PJSIP 资源管理错误漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Prior to PJSIP version 2.17, there was a resource management vulnerability. This vulnerability stemmed from t...

openSUSE 15 Security Update : libxml2 (SUSE-SU-2026:0570-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0570-1 advisory. - CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc125681...

CVE-2019-25357

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler SEH. Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially execute...

CVE-2019-25357 Control Center PRO 6.2.9 - Local Stack Based BufferOverflow

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler SEH. Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially execute...