CVE-2026-10067 Shibby Tomato multimon.cgi sub_90F0 stack-based overflow

A vulnerability was detected in Shibby Tomato 1.28. Impacted is the function sub90F0 of the file multimon.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are...

CVE-2026-10067

A vulnerability was detected in Shibby Tomato 1.28. Impacted is the function sub90F0 of the file multimon.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are...

CVE-2026-10063

A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formWPS of the file /goform/formWPS. Such manipulation of the argument peerPin leads to stack-based buffer overflow. The attack may be performed from remote. The exploit is publicly available and...

CVE-2026-10066 Shibby Tomato UPS Service tomatoups.cgi sub_9068 stack-based overflow

A security vulnerability has been detected in Shibby Tomato up to 1.28. This issue affects the function sub9068 of the file tomatoups.cgi of the component UPS Service. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. This project is superseded by...

EUVD-2026-33341

A security vulnerability has been detected in Shibby Tomato up to 1.28. This issue affects the function sub9068 of the file tomatoups.cgi of the component UPS Service. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. This project is superseded by...

CVE-2026-10066

The CVE concerns Shibby Tomato versions up to 1.28, specifically the UPS Service component. It affects the function sub_9068 in tomatoups.cgi, causing a stack-based buffer overflow that can be triggered remotely. The project is superseded by FreshTomato and targets products no longer supported by...

CVE-2026-10066 Shibby Tomato UPS Service tomatoups.cgi sub_9068 stack-based overflow

A security vulnerability has been detected in Shibby Tomato up to 1.28. This issue affects the function sub9068 of the file tomatoups.cgi of the component UPS Service. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. This project is superseded by...

CVE-2026-10065 Shibby Tomato tomatodata.cgi get_ups_field stack-based overflow

A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function getupsfield of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...

CVE-2026-10065 Shibby Tomato tomatodata.cgi get_ups_field stack-based overflow

A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function getupsfield of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...

EUVD-2026-33331

A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function getupsfield of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...

CVE-2026-10065

CVE-2026-10065 affects Shibby Tomato 1.28, specifically the function get_ups_field in tomatodata.cgi. Manipulating the Date argument can cause a stack-based buffer overflow, with remote exploitation possible. The vulnerability impacts products that are no longer supported by the maintainer and is...

CVE-2018-25383

CVE-2018-25383 affects Free MP3 CD Ripper 2.8. The vulnerability is a stack-based buffer overflow in WMA file processing within the Convert function, allowing a local attacker to bypass DEP via SEH manipulation and execute arbitrary code (via a ROP chain and shellcode injection). The impact is lo...

CVE-2026-10064 TRENDnet TEW-432BRP formSetPortTr stack-based overflow

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument specialname results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

CVE-2026-10064

CVE-2026-10064 affects TRENDnet TEW-432BRP (3.10B20). Root cause: stack-based buffer overflow in /goform/formSetPortTr when manipulating the argument special_name. Impact: remote attacker could trigger overflow; CVE entries indicate exploitation publicly available. Affected device is EOL (since 2...

CVE-2026-10064 TRENDnet TEW-432BRP formSetPortTr stack-based overflow

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument specialname results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

CLSA-2026-1780061802 Fix CVE(s): CVE-2026-42050

SECURITY UPDATE: fix stack-based buffer overflow in XTileImage triggered by a malicious MIFF file when right-clicking a tile to invoke the Load / Update menu item - debian/patches/CVE-2026-42050.patch: fix stack-based buffer overflow in XTileImage triggered by a malicious MIFF file when...

CVE-2026-40510

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

CVE-2026-40528

OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...

CVE-2026-10063 TRENDnet TEW-432BRP formWPS stack-based overflow

A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formWPS of the file /goform/formWPS. Such manipulation of the argument peerPin leads to stack-based buffer overflow. The attack may be performed from remote. The exploit is publicly available and...

CVE-2026-10063

TRENDnet TEW-432BRP firmware 3.10B20 contains a stack-based buffer overflow in the formWPS function (/goform/formWPS) caused by manipulation of the peerPin parameter. The vulnerability can be exploited remotely, and public exploit code is available. The vendor notes the product is EOL (since 2009...