Total
2306 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-2877 | 1 Tenda | 2 A18, A18 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2026-2874 | 1 Tenda | 2 A21, A21 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2026-2882 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used. | |||||
| CVE-2026-2883 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-2929 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-2958 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /boafrm/formWsc. Such manipulation of the argument save_apply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2026-2884 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub_41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | |||||
| CVE-2026-2885 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function sub_469104 of the file /boafrm/formIpv6Setup. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-2925 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. | |||||
| CVE-2026-2926 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. | |||||
| CVE-2026-2927 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_462590 of the file /boafrm/formOpMode of the component Operation Mode Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2026-2928 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used. | |||||
| CVE-2026-2959 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. | |||||
| CVE-2026-2960 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. | |||||
| CVE-2026-2961 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2026-2962 | 1 Dlink | 2 Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. | |||||
| CVE-2019-25437 | 2026-02-23 | N/A | 6.2 MEDIUM | ||
| Foscam Video Management System 1.1.6.6 contains a buffer overflow vulnerability in the UID field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 5000-character buffer into the UID parameter during device addition to trigger an application crash when the Login Check function is invoked. | |||||
| CVE-2026-1425 | 2026-02-23 | 5.1 MEDIUM | 5.6 MEDIUM | ||
| A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function _dns_decode_rr_head/_dns_decode_SVCB_HTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The patch is identified as 2d57c4b4e1add9b4537aeb403f794a084727e1c8. Applying a patch is advised to resolve this issue. | |||||
| CVE-2019-1185 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2026-02-20 | 4.6 MEDIUM | 7.3 HIGH |
| An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. | |||||
| CVE-2019-25336 | 1 Nsasoft | 1 Spotauditor | 2026-02-20 | N/A | 8.4 HIGH |
| SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler (SEH) overwrite and execute shellcode on the vulnerable system. | |||||