NVD

Icon for NVD Communications and Status Updates Page

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Legal Disclaimer:

Here is where you can read the NVD legal disclaimer.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2026-5550 - A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endp... read CVE-2026-5550
Published: April 05, 2026; 4:16:25 AM -0400

V3.1: 8.8 HIGH
CVE-2026-5549 - A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can l... read CVE-2026-5549
Published: April 05, 2026; 4:16:24 AM -0400

V3.1: 7.5 HIGH
CVE-2018-25259 - Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input... read CVE-2018-25259
Published: April 22, 2026; 12:16:45 PM -0400

V3.1: 7.8 HIGH
CVE-2018-25260 - MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it... read CVE-2018-25260
Published: April 22, 2026; 12:16:46 PM -0400

V3.1: 7.8 HIGH
CVE-2018-25261 - Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job wi... read CVE-2018-25261
Published: April 22, 2026; 12:16:46 PM -0400

V3.1: 7.8 HIGH
CVE-2018-25267 - UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304... read CVE-2018-25267
Published: April 22, 2026; 12:16:47 PM -0400

V3.1: 5.5 MEDIUM
CVE-2018-25269 - ICEWARP 11.0.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML elements into emails by embedding base64-encoded payloads in object and embed tags. Attackers can craft emails containing data URIs with ... read CVE-2018-25269
Published: April 22, 2026; 12:16:47 PM -0400

V3.1: 6.1 MEDIUM
CVE-2026-40910 - frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style requests, the routing logic uses the username from Prox... read CVE-2026-40910
Published: April 21, 2026; 5:16:45 PM -0400

V3.1: 9.1 CRITICAL
CVE-2026-5685 - A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. T... read CVE-2026-5685
Published: April 06, 2026; 6:16:24 PM -0400

V3.1: 8.8 HIGH
CVE-2026-5686 - A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can b... read CVE-2026-5686
Published: April 06, 2026; 6:16:24 PM -0400

V3.1: 8.8 HIGH
CVE-2026-5687 - A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be init... read CVE-2026-5687
Published: April 06, 2026; 6:16:25 PM -0400

V3.1: 8.8 HIGH
CVE-2026-7033 - A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menufacturer/Go leads to buffer overflow. The attack ... read CVE-2026-7033
Published: April 26, 2026; 7:16:06 AM -0400

V3.1: 8.8 HIGH
CVE-2026-7053 - A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of... read CVE-2026-7053
Published: April 26, 2026; 6:17:32 PM -0400

V3.1: 8.8 HIGH
CVE-2026-7054 - A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer ... read CVE-2026-7054
Published: April 26, 2026; 6:17:32 PM -0400

V3.1: 8.8 HIGH
CVE-2026-7055 - A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The ... read CVE-2026-7055
Published: April 26, 2026; 6:17:32 PM -0400

V3.1: 8.8 HIGH
CVE-2026-7056 - A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed ... read CVE-2026-7056
Published: April 26, 2026; 6:17:32 PM -0400

V3.1: 8.8 HIGH
CVE-2026-7057 - A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component httpd. This manipulation of the argument funcname/funcpara1 causes buffer overflow. It is possible to initiate the... read CVE-2026-7057
Published: April 26, 2026; 6:17:33 PM -0400

V3.1: 8.8 HIGH
CVE-2026-4538 - A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit i... read CVE-2026-4538
Published: March 22, 2026; 1:16:20 AM -0400

V3.1: 7.8 HIGH
CVE-2026-4566 - A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched r... read CVE-2026-4566
Published: March 22, 2026; 11:16:00 PM -0400

V3.1: 8.8 HIGH
CVE-2026-4962 - A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be a... read CVE-2026-4962
Published: March 27, 2026; 1:16:31 PM -0400

Created September 20, 2022 , Updated August 27, 2024

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Legal Disclaimer: