Export limit exceeded: 15105 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15105 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-12611 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2026-02-24 | 8.8 High |
| A vulnerability was identified in Tenda AC21 16.03.08.16. This vulnerability affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIp leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. | ||||
| CVE-2025-12596 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2026-02-24 | 8.8 High |
| A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentControlInfo. Such manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-15356 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2026-02-24 | 8.8 High |
| A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-15253 | 1 Tenda | 2 M3, M3 Firmware | 2026-02-24 | 8.8 High |
| A vulnerability has been found in Tenda M3 1.0.0.13(4903). The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-15252 | 1 Tenda | 2 M3, M3 Firmware | 2026-02-24 | 8.8 High |
| A flaw has been found in Tenda M3 1.0.0.13(4903). The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. | ||||
| CVE-2025-15008 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2026-02-24 | 7.3 High |
| A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2025-15006 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2026-02-24 | 9.8 Critical |
| A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2025-14956 | 1 Webassembly | 1 Binaryen | 2026-02-24 | 5.3 Medium |
| A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: 4f52bff8c4075b5630422f902dd92a0af2c9f398. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2025-14879 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2026-02-24 | 9.8 Critical |
| A weakness has been identified in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /goform/onSSIDChange of the component HTTP Request Handler. This manipulation of the argument ssid_index causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2025-14878 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2026-02-24 | 9.8 Critical |
| A security flaw has been discovered in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/wirelessRestart of the component HTTP Request Handler. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2025-14673 | 1 Gmg137 | 1 Snap7-rs | 2026-02-24 | 7.3 High |
| A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-14672 | 1 Gmg137 | 1 Snap7-rs | 2026-02-24 | 7.3 High |
| A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7_micro_client.cpp. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | ||||
| CVE-2025-14665 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2026-02-24 | 9.8 Critical |
| A security flaw has been discovered in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/DhcpListClient of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2025-14656 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2026-02-24 | 8.8 High |
| A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the file /goform/openSchedWifi. Executing a manipulation of the argument schedStartTime/schedEndTime can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2025-14655 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2026-02-24 | 8.8 High |
| A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg of the component httpd. Performing a manipulation of the argument rebootTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2025-14526 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2026-02-24 | 8.8 High |
| A security flaw has been discovered in Tenda CH22 1.0.0.1. This affects the function frmL7ImForm of the file /goform/L7Im. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2025-15232 | 1 Tenda | 2 M3, M3 Firmware | 2026-02-24 | 8.8 High |
| A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-15216 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2026-02-24 | 8.8 High |
| A vulnerability was identified in Tenda AC23 16.03.07.52. This impacts the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument bindnum leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-15215 | 1 Tenda | 2 Ac10u, Ac10u Firmware | 2026-02-24 | 8.8 High |
| A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-15180 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2026-02-24 | 7.2 High |
| A vulnerability was identified in Tenda WH450 1.0.0.18. The affected element is an unknown function of the file /goform/webExcptypemanFilte of the component HTTP Request Handler. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used. | ||||