Total
14327 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4490 | 1 Tenda | 1 A18 Pro | 2026-03-25 | 8.8 High |
| A flaw has been found in Tenda A18 Pro 02.03.02.28. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. This manipulation causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-4491 | 1 Tenda | 1 A18 Pro | 2026-03-25 | 8.8 High |
| A vulnerability has been found in Tenda A18 Pro 02.03.02.28. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-4492 | 1 Tenda | 1 A18 Pro | 2026-03-25 | 8.8 High |
| A vulnerability was found in Tenda A18 Pro 02.03.02.28. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-4493 | 1 Tenda | 1 A18 Pro | 2026-03-25 | 8.8 High |
| A vulnerability was determined in Tenda A18 Pro 02.03.02.28. The impacted element is the function sub_423B50 of the file /goform/setMacFilterCfg of the component MAC Filtering Configuration Endpoint. Executing a manipulation of the argument deviceList can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-33849 | 1 Linkingvision | 1 Rapidvms | 2026-03-24 | 8.8 High |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96. | ||||
| CVE-2026-33851 | 1 Joncampbell123 | 1 Doslib | 2026-03-24 | 7.8 High |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in joncampbell123 doslib.This issue affects doslib: before doslib-20250729. | ||||
| CVE-2026-33847 | 1 Linkingvision | 1 Rapidvms | 2026-03-24 | 7.8 High |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96. | ||||
| CVE-2026-33848 | 1 Linkingvision | 1 Rapidvms | 2026-03-24 | 8.8 High |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96. | ||||
| CVE-2026-4734 | 1 Yoyofr | 1 Modizer | 2026-03-24 | N/A |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in yoyofr modizer (libs/libopenmpt/openmpt-trunk/include/premake/contrib/curl/lib modules). This vulnerability is associated with program files imap.C. This issue affects modizer: before v4.3. | ||||
| CVE-2026-4738 | 1 Osgeo | 1 Gdal | 2026-03-24 | N/A |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal (frmts/zlib/contrib/infback9 modules). This vulnerability is associated with program files inftree9.C. This issue affects gdal: before 3.11.0. | ||||
| CVE-2026-4254 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-03-24 | 9.8 Critical |
| A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulation of the argument local_2c causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-4318 | 1 Utt | 1 Hiper 810g | 2026-03-24 | 8.8 High |
| A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-4214 | 2 D-link, Dlink | 60 Dnr-202l, Dnr-322l, Dnr-326 and 57 more | 2026-03-24 | 8.8 High |
| A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function UPnP_AV_Server_Path_Setting of the file /cgi-bin/app_mgr.cgi. Executing a manipulation can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2026-4226 | 1 Lb-link | 2 Bl-wr9000, Bl-wr9000 Firmware | 2026-03-24 | 8.8 High |
| A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /goform/get_virtual_cfg. Executing a manipulation can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4227 | 1 Lb-link | 2 Bl-wr9000, Bl-wr9000 Firmware | 2026-03-24 | 8.8 High |
| A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub_44D844 of the file /goform/get_hidessid_cfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4167 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2026-03-23 | 8.8 High |
| A vulnerability was determined in Belkin F9K1122 1.00.33. This affects the function formReboot of the file /goform/formReboot. This manipulation of the argument webpage causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4172 | 1 Trendnet | 2 Tew-632brp, Tew-632brp Firmware | 2026-03-23 | 7.2 High |
| A vulnerability was detected in TRENDnet TEW-632BRP 1.010B32. This affects an unknown part of the file /ping_response.cgi of the component HTTP POST Request Handler. The manipulation of the argument ping_ipaddr results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4182 | 2 D-link, Dlink | 3 Dir-816, Dir-816, Dir-816 Firmware | 2026-03-23 | 9.8 Critical |
| A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the file /goform/form2Wl5RepeaterStep2.cgi of the component goahead. This manipulation of the argument key1/key2/key3/key4/pskValue causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-4183 | 2 D-link, Dlink | 3 Dir-816, Dir-816, Dir-816 Firmware | 2026-03-23 | 9.8 Critical |
| A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown function of the file /goform/form2WlanBasicSetup.cgi of the component goahead. Such manipulation of the argument pskValue leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-4184 | 2 D-link, Dlink | 3 Dir-816, Dir-816, Dir-816 Firmware | 2026-03-23 | 9.8 Critical |
| A vulnerability was detected in D-Link DIR-816 1.10CNB05. Affected by this vulnerability is an unknown functionality of the file /goform/form2Wl5BasicSetup.cgi of the component goahead. Performing a manipulation of the argument pskValue results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||