Total
14145 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2874 | 1 Tenda | 2 A21, A21 Firmware | 2026-02-23 | 8.8 High |
| A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | ||||
| CVE-2026-2882 | 2 D-link, Dlink | 3 Dwr-m960, Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used. | ||||
| CVE-2026-2883 | 2 D-link, Dlink | 3 Dwr-m960, Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-2884 | 2 D-link, Dlink | 3 Dwr-m960, Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub_41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-2885 | 2 D-link, Dlink | 3 Dwr-m960, Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 8.8 High |
| A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function sub_469104 of the file /boafrm/formIpv6Setup. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-2889 | 1 Ccextractor | 1 Ccextractor | 2026-02-23 | 3.3 Low |
| A vulnerability was detected in CCExtractor up to 0.96.5. Affected is the function processmp4 in the library src/lib_ccx/mp4.c. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 0.96.6 is able to address this issue. The patch is named fd7271bae238ccb3ae8a71304ea64f0886324925. You should upgrade the affected component. | ||||
| CVE-2026-2961 | 2 D-link, Dlink | 3 Dwr-m960, Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-2962 | 2 D-link, Dlink | 3 Dwr-m960, Dwr-m960, Dwr-m960 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. | ||||
| CVE-2026-2940 | 1 Zaher1307 | 1 Tiny Web Server | 2026-02-23 | 7.3 High |
| A vulnerability was determined in Zaher1307 tiny_web_server up to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b. This affects the function tiny_web_server/tiny.c of the file tiny_web_server/tiny.c of the component URL Handler. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2021-36343 | 1 Dell | 822 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 819 more | 2026-02-23 | 7.5 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||||
| CVE-2021-36342 | 1 Dell | 822 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 819 more | 2026-02-23 | 7.5 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||||
| CVE-2026-2662 | 2 Fascinatedbox, Lily-lang | 2 Lily, Lily | 2026-02-23 | 3.3 Low |
| A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerability affects the function count_transforms of the file src/lily_emitter.c. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-2661 | 2 Albertodemichelis, Squirrel-lang | 2 Squirrel, Squirrel | 2026-02-23 | 3.3 Low |
| A security flaw has been discovered in Squirrel up to 3.2. This affects the function SQObjectPtr::operator in the library squirrel/sqobject.h. The manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-2660 | 2 Fascinatedbox, Lily-lang | 2 Lily, Lily | 2026-02-23 | 3.3 Low |
| A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthash_for_name of the file src/lily_symtab.c. The manipulation leads to use after free. Local access is required to approach this attack. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-2659 | 2 Albertodemichelis, Squirrel-lang | 2 Squirrel, Squirrel | 2026-02-23 | 3.3 Low |
| A vulnerability was determined in Squirrel up to 3.2. Affected by this vulnerability is the function SQFuncState::PopTarget of the file src/squirrel/squirrel/sqfuncstate.cpp. Executing a manipulation of the argument _target_stack can lead to out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-2657 | 2 Wren, Wren-lang | 2 Wren, Wren | 2026-02-23 | 3.3 Low |
| A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wren_compiler.c of the component Error Message Handler. Such manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-2656 | 1 Chaiscript | 1 Chaiscript | 2026-02-23 | 2.5 Low |
| A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::Type_Info::bare_equal of the file include/chaiscript/dispatchkit/type_info.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-2655 | 1 Chaiscript | 1 Chaiscript | 2026-02-23 | 2.5 Low |
| A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::str_less::operator of the file include/chaiscript/chaiscript_defines.hpp. The manipulation results in use after free. The attack requires a local approach. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-2653 | 2 Admesh, Admesh Project | 2 Admesh, Admesh | 2026-02-23 | 5.3 Medium |
| A security flaw has been discovered in admesh up to 0.98.5. This issue affects the function stl_check_normal_vector of the file src/normals.c. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. It looks like this product is not really maintained anymore. | ||||
| CVE-2026-2644 | 2 Minisat, Niklasso | 2 Minisat, Minisat | 2026-02-23 | 3.3 Low |
| A weakness has been identified in niklasso minisat up to 2.2.0. This issue affects the function Solver::value in the library core/SolverTypes.h of the component DIMACS File Parser. This manipulation of the argument variable index with the input 2147483648 causes out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||