Tenda M3 /goform/setAdPushInfo File Stack Buffer Overflow Vulnerability
Tenda M3 is a wireless controller (AC) from Tenda, aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability that stems from the incorrect operation of the parameter mac/terminal in the...
Security update for qemu
This update for qemu fixes the following issues. Security issues fixed: CVE-2025-12464: stack-based buffer overflow in the e1000 network device operations can be exploited by a malicious guest user to crash the QEMU process on the host (bsc#1253002). CVE-2025-11234: use-after-free in WebSocket...
PT-2026-3016
Name of the Vulnerable Software and Affected Versions: Tenda AX-1806 version 1.0.0.1. Description: The Tenda AX-1806 device contains a stack overflow issue in the wanSpeed parameter of the sub_65B5C function. Attackers can exploit this to cause a Denial of Service (DoS) by sending a crafted request...
PT-2026-3257
Name of the Vulnerable Software and Affected Versions: Tenda AX-1806 version 1.0.0.1. Description: The Tenda AX-1806 router contains a stack overflow in the security parameter of the sub_4C408 function. This allows attackers to cause a Denial of Service (DoS) via a crafted request. Recommendations...
PT-2026-3015
Name of the Vulnerable Software and Affected Versions: Tenda AX-1806 version 1.0.0.1. Description: The Tenda AX-1806 device contains a stack overflow issue in the cloneType parameter of the sub_65B5C function. A crafted request can trigger a Denial of Service (DoS) condition. The cloneType parameter i...
EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2026-1001)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. (CVE-2025-27113) libxml2...
Sony IPELA Network Camera Remote Stack Buffer Overflow (CVE-2020-36885)
Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient.cgi endpoint that allows remote attackers to execute arbitrary code. Attackers can exploit the vulnerability by sending a crafted POST request with oversized data to the FTP client functionality,...
CVE-2025-68950
A flaw was found in ImageMagick, free and open-source software used for editing and manipulating digital images. ImageMagick fails to check for circular references between two Magick Vector Graphics (MVG) files. A remote attacker could exploit this by providing a specially crafted MVG file, leading...
CVE-2025-15273
A flaw was found in FontForge. This stack-based buffer overflow vulnerability occurs during the parsing of PFB (Printer Font Binary) files due to improper validation of user-supplied data length. A remote attacker could exploit this by convincing a user to open a specially crafted malicious PFB fil...
SUSE CVE-2025-68950
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
PT-2026-24937
A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack on the local host. The explo...
PT-2026-26144
HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. For the VARINT and CONST encodings, incomplete validation of the context in which the encodings were...
PT-2026-28748
Name of the Vulnerable Software and Affected Versions: mxml versions up to 4.0.4. Description: A flaw exists in mxml up to version 4.0.4 related to a stack-based buffer overflow. The issue resides within the index_sort function in the mxml-index.c file, specifically within the mxmlIndexNew component...
PT-2026-4994
Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 8.0.3; Suricata versions prior to 7.0.14. Description: Suricata is a network IDS, IPS and NSM engine. A stack buffer overflow can occur while saving a dataset due to the use of a stack buffer to prepare the data. If the...
PT-2026-26515
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 146.0.7680.153. Description: A stack buffer overflow exists in the WebRTC component of Google Chrome. This issue could allow a remote attacker to potentially exploit stack corruption through a specially crafted HT...
PT-2026-3360
Name of the Vulnerable Software and Affected Versions: Node.js versions (affected versions not specified). Description: A flaw in Node.js TLS error handling can allow remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thro...
PT-2026-25070
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-16; ImageMagick versions prior to 6.9.13-41. Description: ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-16 and 6.9.13-41, a failure in memo...
PT-2026-24129
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-16; ImageMagick versions prior to 6.9.13-41. Description: ImageMagick is software used for editing and manipulating digital images. A stack buffer overflow exists in the MNG encoder due to missing bounds checks...
PT-2026-27643
Name of the Vulnerable Software and Affected Versions: Kea versions 2.6.0 through 2.6.4; Kea versions 3.0.0 through 3.0.2. Description: A specially crafted message sent to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons via an API socket or HA listener can lead to a stack overflow...
PT-2026-8027
Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.1.2148. Description: Vim is a command line text editor. A stack buffer overflow exists in Vim’s NetBeans integration when processing the specialKeys command, affecting Vim builds that enable and use the NetBeans feature...