CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-36794
High

Multiple stack overflows were discovered in the R7WebsSecurityHandler function in the Tenda W3 Wireless Router v1.0.0.3(2204), triggered by the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVE-2026-36793
High

The Tenda W3 wireless router version 1.0.0.3(2204) contains multiple stack overflows in the formwrlSSIDset function triggered by the mit_ssid and mis_ssid_index parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVE-2026-36792
High

A stack overflow was discovered in the wl_radio parameter of the formWifiRadioSet function in the Tenda W3 Wireless Router v1.0.0.3(2204). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVE-2026-36791
High

A stack overflow vulnerability was discovered in the save_list_data parameter of the formSetCfm function in Tenda O3v3 v1.0.0.5. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVE-2026-36784
High

A stack overflow was discovered in the ip parameter of the fromNetToolGet function in the Tenda O3 Wireless Router v1.0.0.5(4180). This vulnerability allows attackers to cause a Denial of Service (DoS) via an HTTP request.

CVE-2026-36783
High

A stack overflow was discovered in the domain parameter of the fromNetToolGet function in the Tenda O3 Wireless Router v1.0.0.5(4180). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVE-2026-36779
High

The Tenda O3 Wireless Router v1.0.0.5(4180) contains multiple stack overflows in the fromVirtualSer function, which can lead to Denial of Service (DoS) attacks via crafted HTTP requests.

CVE-2026-36771
High

A stack overflow was discovered in the wl_radio parameter of the formwrlSSIDset function in the Tenda W3 Wireless Router v1.0.0.3(2204). This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted input.

CVE-2026-36770
High

A stack overflow was discovered in the Go parameter of the ask_to_reboot function in the Tenda US_W3V1.0BR v1.0.0.3 device. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted input.

CVE-2026-36723
HighEPSS 78%

Version 8.3 of the bookcars application contains an unrestricted file rename vulnerability in the /api/create-user component, allowing authenticated attackers to leverage directory traversal sequences to move arbitrary files from temporary storage to arbitrary locations on the server filesystem.

CVE-2026-36720
High

Version 8.3 of the bookcars application has insecure permissions that allow authenticated attackers to escalate privileges from user to admin by modifying their user type.

CVE-2026-36719
High

CVE-2026-36719 is an information disclosure vulnerability in AgentChat version 2.3.0 that allows unauthenticated attackers to access sensitive information via the /api/v1/user/info endpoint, including SHA256 password hashes, by enumerating user IDs.

CVE-2025-55657
High

A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function in GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) by supplying a crafted MP4 file.

CVE-2025-52293
High

A segmentation violation in the gf_hevc_read_sps_bs_internal function in GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) by supplying crafted HEVC SPS data.

CVE-2025-52292
High

A stack buffer overflow in the filein_process function (in_file.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

CVE-2023-43688
High

An issue was discovered in Malwarebytes versions 4.x and 5.x, as well as Nebula from October 21, 2020, related to a heap buffer overflow. This affects various buffer encryption utilities.

CVE-2023-29146
High

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value (32-bit).

CVE-2026-50636
High

The RemoteControl API methods invite_participants and remind_participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited(), which concatenates the values directly into a tid IN ('...') SQL clause without parameterization or input validation. A remote, authenticated attacker can inject a crafted array element, leading to SQL injection vulnerability.

CVE-2026-50635
High

LimeSurvey constructs password-reset links based on the client-supplied HTTP Host header without validating it. The default configuration does not define an allowed hosts allowlist, allowing an attacker to take over an account by sending a spoofed password reset request.

CVE-2026-50512
High

Missing authentication for a critical function in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.

PreviousPage 164 of 3362Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS