CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
Multiple stack overflows were discovered in the R7WebsSecurityHandler function in the Tenda W3 Wireless Router v1.0.0.3(2204), triggered by the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
The Tenda W3 wireless router version 1.0.0.3(2204) contains multiple stack overflows in the formwrlSSIDset function triggered by the mit_ssid and mis_ssid_index parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
A stack overflow was discovered in the wl_radio parameter of the formWifiRadioSet function in the Tenda W3 Wireless Router v1.0.0.3(2204). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
A stack overflow vulnerability was discovered in the save_list_data parameter of the formSetCfm function in Tenda O3v3 v1.0.0.5. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
A stack overflow was discovered in the ip parameter of the fromNetToolGet function in the Tenda O3 Wireless Router v1.0.0.5(4180). This vulnerability allows attackers to cause a Denial of Service (DoS) via an HTTP request.
A stack overflow was discovered in the domain parameter of the fromNetToolGet function in the Tenda O3 Wireless Router v1.0.0.5(4180). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
The Tenda O3 Wireless Router v1.0.0.5(4180) contains multiple stack overflows in the fromVirtualSer function, which can lead to Denial of Service (DoS) attacks via crafted HTTP requests.
A stack overflow was discovered in the wl_radio parameter of the formwrlSSIDset function in the Tenda W3 Wireless Router v1.0.0.3(2204). This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted input.
A stack overflow was discovered in the Go parameter of the ask_to_reboot function in the Tenda US_W3V1.0BR v1.0.0.3 device. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted input.
Version 8.3 of the bookcars application contains an unrestricted file rename vulnerability in the /api/create-user component, allowing authenticated attackers to leverage directory traversal sequences to move arbitrary files from temporary storage to arbitrary locations on the server filesystem.
Version 8.3 of the bookcars application has insecure permissions that allow authenticated attackers to escalate privileges from user to admin by modifying their user type.
CVE-2026-36719 is an information disclosure vulnerability in AgentChat version 2.3.0 that allows unauthenticated attackers to access sensitive information via the /api/v1/user/info endpoint, including SHA256 password hashes, by enumerating user IDs.
A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function in GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) by supplying a crafted MP4 file.
A segmentation violation in the gf_hevc_read_sps_bs_internal function in GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) by supplying crafted HEVC SPS data.
A stack buffer overflow in the filein_process function (in_file.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
An issue was discovered in Malwarebytes versions 4.x and 5.x, as well as Nebula from October 21, 2020, related to a heap buffer overflow. This affects various buffer encryption utilities.
The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value (32-bit).
The RemoteControl API methods invite_participants and remind_participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited(), which concatenates the values directly into a tid IN ('...') SQL clause without parameterization or input validation. A remote, authenticated attacker can inject a crafted array element, leading to SQL injection vulnerability.
LimeSurvey constructs password-reset links based on the client-supplied HTTP Host header without validating it. The default configuration does not define an allowed hosts allowlist, allowing an attacker to take over an account by sending a spoofed password reset request.
Missing authentication for a critical function in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.

