CVE-2025-70644

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the time parameter of the sub60CFC function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-70650

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetMacFilterCfg function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-70648

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security5g parameter of the sub727F4 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

CVE-2025-70646

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub72290 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-70651

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the formfastsettingwifiset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

VulnCheck KEV: CVE-2025-7544

A vulnerability was found in Tenda AC1206 15.03.06.23. It has been rated as critical. This issue affects the function formSetMacFilterCfg of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. Th...

CVE-2025-69764

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution...

PT-2026-3945

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution...

Azure Linux 3.0 Security Update: libsass (CVE-2022-43357)

The version of libsass installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-43357 advisory. - Stack overflow vulnerability in astselectors.cpp in function Sass::CompoundSelector::hasrealparentref in...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27075)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27075 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stac...

PT-2026-3907

Name of the Vulnerable Software and Affected Versions Seroval versions 1.4.0 and below Description Seroval allows JavaScript value stringification, including complex structures beyond the capabilities of JSON.stringify. In versions 1.4.0 and below, serializing objects with significant depth can...

Seroval security vulnerabilities

Seroval is a formatted Java library developed by Alexis H. Munsayac. Versions of Seroval 1.4.0 and earlier contained security vulnerabilities, which stemmed from the potential to exceed the maximum call stack limit when serializing objects with a high serialization depth...

CVE-2025-69764

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution...

Azure Linux 3.0 Security Update: espeak-ng (CVE-2023-49992)

The version of espeak-ng installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49992 advisory. - Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at...

Azure Linux 3.0 Security Update: valkey (CVE-2025-27151)

The version of valkey installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-27151 advisory. - Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before...

Azure Linux 3.0 Security Update: jq (CVE-2024-53427)

The version of jq installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53427 advisory. - decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric,...

CVE-2025-69764

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution...

Azure Linux 3.0 Security Update: zziplib (CVE-2024-39134)

The version of zziplib installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39134 advisory. - A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via...

Azure Linux 3.0 Security Update: orc (CVE-2024-40897)

The version of orc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40897 advisory. - Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer ...