Tagged: Cybersecurity Alert

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pPppUser parameter in the getsinglepppuser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. More...

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. More...

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the vpnUsers parameter in the formAddVpnUsers function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. More...

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the staticRouteGateway parameter in the formSetStaticRoute function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. More...

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a...

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. More...

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS)...

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. More...

Exposure of sensitive information to an unauthorized actor in Microsoft Office Plus allows an unauthorized attacker to perform spoofing over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55243

Improper link resolution before file access (‘link following’) in Xbox allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55245

External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55316

Improper link resolution before file access (‘link following’) in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55317

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. More...

Time-of-check time-of-use (toctou) race condition in Graphics Kernel allows an authorized attacker to execute code locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55236