Total
3800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-3166 | 1 Tenda | 2 F453, F453 Firmware | 2026-02-25 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda F453 1.0.0.3. The affected element is the function fromRouteStatic of the file /goform/RouteStatic of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used. | |||||
| CVE-2026-3167 | 1 Tenda | 2 F453, F453 Firmware | 2026-02-25 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda F453 1.0.0.3. The impacted element is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component httpd. Performing a manipulation of the argument webSiteId results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-3168 | 1 Tenda | 2 F453, F453 Firmware | 2026-02-25 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromNatStaticSetting of the file /goform/NatStaticSetting of the component httpd. Executing a manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2026-3169 | 1 Tenda | 2 F453, F453 Firmware | 2026-02-25 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in Tenda F453 1.0.0.3. This impacts the function fromSafeEmailFilter of the file /goform/SafeEmailFilter of the component httpd. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2022-43392 | 1 Zyxel | 96 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 93 more | 2026-02-25 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request. | |||||
| CVE-2022-43391 | 1 Zyxel | 96 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 93 more | 2026-02-25 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request. | |||||
| CVE-2025-29481 | 1 Libbpf Project | 1 Libbpf | 2026-02-25 | N/A | 6.2 MEDIUM |
| Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf. This has been disputed by third parties who assert that "no one in their sane mind should be passing untrusted ELF files into libbpf while running under root." | |||||
| CVE-2026-3016 | 1 Utt | 2 810g, 810g Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. The affected element is the function strcpy of the file /goform/formP2PLimitConfig. The manipulation of the argument except leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. | |||||
| CVE-2019-25326 | 1 Nwpsw | 1 Ippulse | 2026-02-24 | N/A | 6.2 MEDIUM |
| ipPulse 1.92 contains a denial of service vulnerability that allows local attackers to crash the application by providing an oversized input in the Enter Key field. Attackers can generate a 256-byte buffer of repeated 'A' characters to trigger an application crash when pasting the malicious content. | |||||
| CVE-2026-2086 | 1 Utt | 2 810g, 810g Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-2980 | 1 Utt | 2 810g, 810g Firmware | 2026-02-24 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability has been found in UTT HiPER 810G up to 1.7.7-1711. Impacted is the function strcpy of the file /goform/setSysAdm. The manipulation of the argument passwd1 leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2026-2981 | 1 Utt | 2 810g, 810g Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in UTT HiPER 810G up to 1.7.7-1711. The affected element is the function strcpy of the file /goform/formTaskEdit_ap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used. | |||||
| CVE-2026-3015 | 1 Utt | 2 810g, 810g Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/formPolicyRouteConf. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2024-5412 | 1 Zyxel | 100 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 97 more | 2026-02-24 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |||||
| CVE-2026-2904 | 1 Utt | 2 810g, 810g Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the function strcpy of the file /goform/ConfigExceptAli. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-2935 | 1 Utt | 2 810g, 810g Firmware | 2026-02-24 | 8.3 HIGH | 7.2 HIGH |
| A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/ConfigExceptMSN. Executing a manipulation of the argument remark can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2025-12322 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function fromNatStaticSetting of the file /goform/NatStaticSetting. Executing a manipulation of the argument page can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2025-12273 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in Tenda CH22 1.0.0.1. Affected is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2025-12272 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda CH22 1.0.0.1. This impacts the function fromAddressNat of the file /goform/addressNat. Performing a manipulation of the argument page results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2025-12265 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in Tenda CH22 1.0.0.1. Affected by this issue is the function fromVirtualSer of the file /goform/VirtualSer. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. | |||||