CVE-2025-6111

A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7775. This vulnerability affects the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has bee...

CVE-2025-6110

A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14408. This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-6111

CVE-2025-6111 affects Tenda FH1205 (firmware 2.0.0.7(775)). The vulnerability is a stack-based buffer overflow in the fromVirtualSer function of /goform/VirtualSer caused by improper validation of the argument page. It can be triggered remotely, with in-the-wild PoC activity reported. No patch de...

CVE-2025-6111 Tenda FH1205 VirtualSer fromVirtualSer stack-based overflow

A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7775. This vulnerability affects the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has bee...

CVE-2025-6110 Tenda FH1201 SafeMacFilter stack-based overflow

A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14408. This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-6110 Tenda FH1201 SafeMacFilter stack-based overflow

A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14408. This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

PT-2025-25527 · Tenda · Tenda Fh1205

Name of the Vulnerable Software and Affected Versions: Tenda FH1205 version 2.0.0.7775 Description: A critical vulnerability was found in the Tenda FH1205, affecting the fromVirtualSer function of the file /goform/VirtualSer. The manipulation of the argument page leads to a stack-based buffer...

PT-2025-25535 · D Link · Dir-619L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L version 2.06B01 Description: A critical vulnerability has been found in the function form portforwarding of the file /goform/form portforwarding. The manipulation of the argument ingress name %d/sched name %d/name %d leads to ...

Asus Armoury Crate AsIO3.sys stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2144 Asus Armoury Crate AsIO3.sys stack-based buffer overflow vulnerability June 16, 2025 CVE Number CVE-2025-1533 SUMMARY A stack-based buffer overflow vulnerability exists in the AsIO3.sys kernel driver of Asus Armoury Crate 5.9.13.0. A specially crafted I/...

Stack-based Buffer Overflow

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Stack-based Buffer Overflow due to unsafe use of strcpy in the xmllint interactive shell command tool. An attacker can cause a crash by providing an overly long argument to any...

PT-2025-25525 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14408 Description: A critical vulnerability has been found in Tenda FH1201. This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the page argument leads to a stack-based buffer overflo...

TencentOS Server 3: libyang (TSSA-2022:0076)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0076 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: glibc (TSSA-2024:0233)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0233 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2025-6093 uYanki board-stm32f103rc-berial heartrate1_hal.c heartrate1_i2c_hal_write stack-based overflow

A vulnerability classified as critical was found in uYanki board-stm32f103rc-berial up to 84daed541609cb7b46854cc6672a275d1007e295. This vulnerability affects the function heartrate1i2chalwrite of the file 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1hal.c. The manipulation of the argument...

CVE-2025-6093

The CVE-2025-6093 vulnerability is in the uYanki board-stm32f103rc-berial, affecting the function heartrate1_i2c_hal_write in 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1_hal.c. The root cause is manipulation of the num argument, which leads to a stack-based buffer overflow. Public detail...

CVE-2025-24922

A stack-based buffer overflow vulnerability exists in the securebioidentify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted malicious cvobject can lead to a arbitrary code execution. An attacker can issue an API call to...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a stack-based buffer overflow in libxml2 [CVE-2025-24928]

Summary IBM Watson Speech Services Cartridge is vulnerable to a stack-based buffer overflow in libxml2, caused by a flaw in xmlSnprintfElements in valid.c CVE-2025-24928. libxml2 is used as part of our speech utilities. This vulnerabilitiy has been addressed. Please read the details for remediati...

PT-2025-26305 · D Link · D-Link Dir-867

Name of the Vulnerable Software and Affected Versions: D-Link DIR-867 version 1.0 Description: A critical vulnerability has been found in the function strncpy of the component Query String Handler, leading to a stack-based buffer overflow. The attack can be initiated remotely. This vulnerability...

CVE-2025-5969

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN00425fd8 of the file /biurlgrou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched...

gstreamer1-plugins-bad-free: mingw-gstreamer1-plugins-bad-free: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

A flaw was found in GStreamer H265 Codec Parsing gstreamer1-plugins-bad-free. This vulnerability allows remote attackers to execute arbitrary code by parsing H265 slice headers...