
7301 matches found

Positive Technologies
added 2025/06/16 12:0 a.m. · 3 views

PT-2025-25525 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14408 Description: A critical vulnerability has been found in Tenda FH1201. This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the page argument leads to a stack-based buffer overflo...

CVSS 9 · AI score 7.2 · EPSS 0.00895
Exploits 1 · References 18
Tenable Nessus
added 2025/06/16 12:0 a.m. · 7 views

TencentOS Server 3: libyang (TSSA-2022:0076)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0076 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 9.8 · AI score 8.2 · EPSS 0.0045
Exploits 0 · References 3
Tenable Nessus
added 2025/06/16 12:0 a.m. · 4 views

TencentOS Server 3: glibc (TSSA-2024:0233)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0233 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 8.1 · AI score 7 · EPSS 0.01546
Exploits 0 · References 5
RedhatCVE
added 2025/06/15 8:58 p.m. · 5 views

CVE-2025-24922

A stack-based buffer overflow vulnerability exists in the securebioidentify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted malicious cvobject can lead to arbitrary code execution. An attacker can issue an API call to...

CVSS 8.8 · AI score 8.2 · EPSS 0.00094
Exploits 0 · References 1
IBM Security Bulletins
added 2025/06/13 4:5 p.m. · 9 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a stack-based buffer overflow in libxml2 [CVE-2025-24928]

Summary: IBM Watson Speech Services Cartridge is vulnerable to a stack-based buffer overflow in libxml2, caused by a flaw in xmlSnprintfElements in valid.c (CVE-2025-24928). libxml2 is used as part of our speech utilities. This vulnerability has been addressed. Please read the details for remediati...

CVSS 7.8 · AI score 7 · EPSS 0.00235
Exploits 0 · Affected Software 1
Positive Technologies
added 2025/06/13 12:0 a.m. · 2 views

PT-2025-26305 · D Link · D-Link Dir-867

Name of the Vulnerable Software and Affected Versions: D-Link DIR-867 version 1.0 Description: A critical vulnerability has been found in the function strncpy of the component Query String Handler, leading to a stack-based buffer overflow. The attack can be initiated remotely. This vulnerability...

CVSS 9 · AI score 8.7 · EPSS 0.0077
Exploits 0 · References 14
RedhatCVE
added 2025/06/12 5:5 p.m. · 3 views

CVE-2025-5969

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN00425fd8 of the file /biurlgrou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched...

CVSS 9 · AI score 8.9 · EPSS 0.01461
Exploits 1 · References 1
RedhatCVE
added 2025/06/12 3:14 a.m. · 2 views

CVE-2025-5912

A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

CVSS 9 · AI score 8.9 · EPSS 0.0145
Exploits 1 · References 1
Positive Technologies
added 2025/06/12 12:0 a.m. · 4 views

PT-2025-26295 · D Link · D-Link Dir-815

Name of the Vulnerable Software and Affected Versions: D-Link DIR-815 version 1.01 Description: A critical vulnerability was found in the D-Link DIR-815, affecting the function sub 403794 of the file hedwig.cgi. This vulnerability leads to a stack-based buffer overflow and can be initiated...

CVSS 9 · AI score 8.8 · EPSS 0.00802
Exploits 1 · References 14
RedhatCVE
added 2025/06/11 1:6 a.m. · 3 views

CVE-2025-5853

A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely...

CVSS 9 · AI score 8.9 · EPSS 0.0099
Exploits 1 · References 1
Tenable Nessus
added 2025/06/11 12:0 a.m. · 3 views

EulerOS 2.0 SP13 : libxml2 (EulerOS-SA-2025-1637)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. CVE-2025-27113 libxml2 before 2.12.10...

CVSS 9.8 · AI score 7 · EPSS 0.00235
Exploits 1 · References 4
Zero Day Initiative
added 2025/06/11 12:0 a.m. · 6 views

(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of JSON messages...

CVSS 6.8 · AI score 7.5 · EPSS 0.00217
Exploits 0
RedhatCVE
added 2025/06/10 11:8 p.m. · 2 views

CVE-2025-5849

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been classified as critical. This affects the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer...

CVSS 9 · AI score 8.9 · EPSS 0.00663
Exploits 1 · References 1
NVD
added 2025/06/10 9:15 p.m. · 5 views

CVE-2025-5978

A vulnerability was found in Tenda FH1202 1.2.0.14. It has been classified as critical. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has...

CVSS 9 · EPSS 0.01554
Exploits 1 · References 6
RedhatCVE
added 2025/06/10 2:8 p.m. · 3 views

CVE-2025-5847

A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based...

CVSS 9 · AI score 8.9 · EPSS 0.00663
Exploits 1 · References 1
OSV
added 2025/06/10 11:49 a.m. · 2 views

BIT-MARIADB-MIN-2022-24048

MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

CVSS 7.8 · AI score 7.6 · EPSS 0.00064
Exploits 0 · References 7
NVD
added 2025/06/10 4:15 a.m. · 9 views

CVE-2025-5912

A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

CVSS 9 · EPSS 0.0145
Exploits 1 · References 6
GithubExploit
added 2025/06/09 11:45 a.m. · 323 views

Exploit for Out-of-bounds Write in Fortinet Fortimail

CVE-2025-32756: Fortinet RCE PoC A proof-of-concept for the c...

CVSS 9.8 · AI score 10 · EPSS 0.22283
Exploits 3
Rosalinux
added 2025/06/09 8:56 a.m. · 4 views

Advisory ROSA-SA-2025-2885

Software: expat 2.2.5 OS: ROSA Virtualization 3.0 packageevrstring: expat-2.2.5-17.0.1.rv30 CVE-ID: CVE-2024-8176 BDU-ID: 2025-04573 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to a stack-based buffer overflow. Exploitation of the vulnerability...

CVSS 7.5 · AI score 8.3 · EPSS 0.00803
Exploits 0
Rosalinux
added 2025/06/09 8:53 a.m. · 3 views

Advisory ROSA-SA-2025-2876

Software: expat 2.2.5 OS: ROSA Virtualization 2.1 packageevrstring: expat-2.2.5-17.0.1.rv3 CVE-ID: CVE-2024-8176 BDU-ID: 2025-04573 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to a stack-based buffer overflow. Exploitation of the vulnerability cou...

CVSS 7.5 · AI score 8.3 · EPSS 0.00803
Exploits 0