Skip to main content

Buffer Overflow

36141 CVEs technique

Monthly

CVE-2026-23672 HIGH PATCH This Week

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability [CVSS 7.8 HIGH]

Information Disclosure Buffer Overflow Microsoft Windows 11 25h2 Windows Server 2019 +13
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23665 HIGH PATCH This Week

Privilege escalation in Azure Linux Virtual Machines results from a heap-based buffer overflow that authenticated local users can exploit to gain elevated system access. An attacker with valid credentials can trigger memory corruption to bypass privilege restrictions and assume administrative control of the affected virtual machine. No patch is currently available, making this a critical risk for organizations running Azure Linux infrastructure.

Buffer Overflow Heap Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22627 HIGH This Week

vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 versions up to 1.0.1 is affected by classic buffer overflow (CVSS 8.8).

Fortinet Buffer Overflow
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-54820 HIGH This Week

A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is enabled. [CVSS 8.1 HIGH]

Fortinet Buffer Overflow Stack Overflow Fortimanager
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-2399 MEDIUM CISA This Month

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720VS, M730VS, and M750VS, M70V Series M70V, E70 Series E70, and Software Tools NC Trainer2 and NC Trainer2 plus allows a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition by sending specially crafted packets to TCP port 683. [CVSS 5.9 MEDIUM]

Buffer Overflow
NVD VulDB
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-30937 NuGet MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur.

Buffer Overflow Microsoft Heap Overflow Imagemagick Windows +2
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-30936 NuGet MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur.

Buffer Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-30935 NuGet MEDIUM PATCH This Month

BilateralBlurImage contains a heap buffer over-read caused by an incorrect conversion. When processing a crafted image with the `-bilateral-blur` operation an out of bounds read can occur. ``` ================================================================= ==676172==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x50a0000079c0 at pc 0x57b483c722f7 bp 0x7fffc0acd380 sp 0x7fffc0acd370 READ of size 4 at 0x50a0000079c0 thread T0 ```

Buffer Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-30931 NuGet MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out of bounds write.

Buffer Overflow Heap Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-30929 NuGet HIGH PATCH This Week

High severity vulnerability in ImageMagick. MagnifyImage uses a fixed-size stack buffer. When using a specific image it is possible to overflow this buffer and corrupt the stack.

Buffer Overflow Stack Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-30883 NuGet MEDIUM PATCH This Month

ImageMagick is free and open-source software used for editing and manipulating digital images. versions up to 7.1.2-16 is affected by buffer overflow (CVSS 5.7).

Buffer Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-28693 NuGet HIGH PATCH This Week

High severity vulnerability in ImageMagick. An integer overflow in DIB coder can result in out of bounds read or write

Imagemagick Information Disclosure Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-28692 NuGet MEDIUM PATCH This Month

Heap over-read in ImageMagick's MAT decoder prior to versions 7.1.2-16 and 6.9.13-41 results from incorrect arithmetic parenthesization, allowing remote attackers to leak sensitive memory contents and cause denial of service through crafted MAT image files. The vulnerability requires no authentication or user interaction and affects systems using vulnerable ImageMagick versions for image processing. No patch is currently available, leaving users dependent on upgrading to patched versions when released.

Buffer Overflow Information Disclosure Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-28690 NuGet MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data.

Buffer Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.9
EPSS
0.0%
CVE-2026-28686 NuGet MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation.

Buffer Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-28494 NuGet HIGH PATCH This Week

High severity vulnerability in ImageMagick. A stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption.

Linux Buffer Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-70250 HIGH POC This Week

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formdumpeasysetup. [CVSS 7.5 HIGH]

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-70243 HIGH POC This Week

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard534. [CVSS 7.5 HIGH]

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-70238 HIGH POC This Week

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard52. [CVSS 7.5 HIGH]

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-69648 MEDIUM PATCH This Month

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. [CVSS 6.2 MEDIUM]

RCE Denial Of Service Buffer Overflow Binutils Red Hat +1
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-3038 HIGH This Week

The rtsock_msg_buffer() function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddr_storage structure on the stack. [CVSS 7.5 HIGH]

Buffer Overflow Privilege Escalation Memory Corruption Freebsd
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-3815 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 via a buffer overflow in the /goform/formApMail handler allows authenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at elevated risk. The attack requires network access but no user interaction, making it a significant threat to organizations using this device.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3814 HIGH POC This Week

Unauthenticated remote attackers can achieve complete system compromise (code execution, data theft, and denial of service) against UTT HiPER 810G firmware versions up to 1.7.7-1711 through a buffer overflow in the /goform/getOneApConfTempEntry endpoint. Public exploit code is available and actively being leveraged in attacks. No patch is currently available for affected devices.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3811 HIGH POC This Week

Stack-based buffer overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows authenticated remote attackers to achieve complete system compromise through a malformed page parameter in the /goform/P2pListFilter endpoint. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk of code execution and data theft.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-41766 HIGH This Week

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise. [CVSS 8.8 HIGH]

Buffer Overflow Stack Overflow Universal Bacnet Router Firmware
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3810 HIGH POC This Week

Stack overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows authenticated attackers to achieve remote code execution through a malicious page parameter in the /goform/DhcpListClient endpoint. Public exploit code is available and the vulnerability remains unpatched, creating significant risk for deployed devices. This affects both the Tenda FH1202 router and Stack Overflow services with high severity impact on confidentiality, integrity, and availability.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3809 HIGH POC This Week

Stack-based buffer overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows remote authenticated attackers to achieve complete system compromise through manipulation of the page parameter in the /goform/NatStaticSetting function. Public exploit code exists for this vulnerability and no patch is currently available. The flaw requires valid credentials but can be exploited over the network with no user interaction.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3808 HIGH POC This Week

Stack-based buffer overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows remote authenticated attackers to achieve full system compromise through manipulation of the webSiteId parameter in the /goform/webtypelibrary function. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score of 8.8 reflects the potential for complete confidentiality, integrity, and availability impact.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3823 CRITICAL Act Now

Remote code execution in Atop Technologies EHG2408-series industrial Ethernet switches (including the EHG2408 and EHG2408-2SFP firmware) allows unauthenticated attackers to hijack the device's execution flow via a stack-based buffer overflow and run arbitrary code. The flaw was reported through Taiwan's CERT (TWCERT) and carries a CVSS 4.0 base score of 9.3, reflecting fully unauthenticated network exploitation with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis, and the EPSS score is low (0.14%, 34th percentile), suggesting exploitation has not yet been observed at scale.

Buffer Overflow Stack Overflow Atop Ehg2408 2sfp Firmware Atop Ehg2408 Firmware RCE
NVD VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-3807 HIGH POC This Week

Stack overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows remote attackers with low privileges to execute arbitrary code through crafted mit_ssid parameters sent to the AdvSetWrlsafeset function. Public exploit code exists for this vulnerability and no patch is currently available. The attack requires network access but no user interaction, making it readily exploitable in affected deployments.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3804 HIGH POC This Week

Remote code execution in Tenda i3 1.0.0.6(2204) firmware allows unauthenticated attackers to achieve full system compromise through a stack-based buffer overflow in the WifiMacFilterSet function. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring immediate mitigation through network segmentation or device isolation.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3803 HIGH POC This Week

Remote code execution in Tenda i3 firmware versions up to 1.0.0.6(2204) via stack-based buffer overflow in the WiFi MAC filter function allows unauthenticated attackers to achieve full system compromise over the network. Public exploit code exists for this vulnerability and no patch is currently available. The flaw requires only low complexity to exploit and affects the confidentiality, integrity, and availability of affected devices.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3802 HIGH POC This Week

Stack-based buffer overflow in Tenda i3 1.0.0.6(2204) firmware allows authenticated remote attackers to achieve code execution by manipulating the cmdinput parameter in the /goform/exeCommand function. Public exploit code exists for this vulnerability and no patch is currently available, placing affected devices at immediate risk.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3801 HIGH POC This Week

Stack-based buffer overflow in Tenda i3 1.0.0.6(2204) firmware allows authenticated remote attackers to achieve complete system compromise through manipulation of ping parameters in the setAutoPing function. Public exploit code exists for this vulnerability and no patch is currently available, creating significant risk for affected deployments.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3799 HIGH POC This Week

Stack overflow in Tenda i3 firmware version 1.0.0.6(2204) allows authenticated remote attackers to achieve full system compromise through a malformed funcpara1 parameter in the /goform/setcfm endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can execute arbitrary code with full system privileges.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3631 HIGH This Week

Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability. [CVSS 7.5 HIGH]

Industrial Buffer Overflow Denial Of Service Commgr2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-3630 CRITICAL Act Now

Stack-based buffer overflow in Delta Electronics COMMGR2 communication management software. ICS vulnerability enabling remote code execution on industrial communication gateways.

Industrial Buffer Overflow Stack Overflow Commgr2
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-3769 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware 1.0.0.3 allows remote attackers with valid credentials to achieve unauthenticated code execution through a malformed GO parameter in the WrlclientSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations using vulnerable F453 devices should implement network segmentation and access controls to mitigate exploitation risk.

Golang Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3768 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware version 1.0.0.3 allows authenticated remote attackers to achieve complete system compromise through a malformed GO parameter in the WrlExtraSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems face high risk of unauthorized code execution, data theft, and service disruption.

Golang Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3732 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware allows unauthenticated remote attackers to execute arbitrary code through the cmdinput parameter in the /goform/exeCommand function, with public exploit code already available. The vulnerability affects F453 firmware version 1.0.0.3 and has a CVSS score of 8.8, enabling complete compromise of affected devices without requiring user interaction. No patch is currently available.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3731 MEDIUM PATCH This Month

Out-of-bounds read in libssh versions up to 0.11.3 allows remote attackers to cause denial of service by manipulating the idx argument in the SFTP extension name handler functions. The vulnerability resides in the sftp_extensions_get_name and sftp_extensions_get_data functions, enabling unauthenticated attackers to trigger memory access violations without user interaction. Upgrading to libssh 0.11.4 or 0.12.0 resolves this issue.

Buffer Overflow Libssh Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-3729 HIGH POC This Week

Remote code execution in Tenda F453 firmware versions 1.0.0.3 and 3.As via stack-based buffer overflow in the PPTP client configuration endpoint allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for affected devices.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3728 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware versions 1.0.0.3/1.1f allows authenticated remote attackers to execute arbitrary code through malformed funcname/funcpara1 parameters in the /goform/setcfm endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score of 8.8 reflects the complete compromise potential of affected devices.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3727 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated attackers to achieve remote code execution through improper input validation in the QuickIndex handler. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at significant risk of compromise.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3726 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated remote attackers to achieve full system compromise through a malicious page parameter in the webExcptypemanFilter function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction, making it a significant risk for affected devices.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3715 HIGH POC This Week

Remote code execution in Wavlink WL-WN579X3-C firmware through stack-based buffer overflow in the firewall.cgi module allows unauthenticated attackers to achieve complete system compromise via manipulation of the del_flag parameter. Public exploit code exists for this vulnerability, and no patch is currently available despite vendor notification. Affected users should immediately restrict network access to the affected device until a firmware update becomes available.

Buffer Overflow Stack Overflow Wl Wn579x3 C Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3713 LOW POC PATCH Monitor

Heap buffer overflow in libpng's pnm2png utility (versions up to 1.6.55) allows local attackers to corrupt memory and potentially execute code by supplying malicious width or height parameters. The vulnerability requires local access and public exploit code is available. The maintainers have not yet provided a patch despite early notification.

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3707 LOW Monitor

Integer overflow in MrNanko webp4j versions up to 1.3.x within the GIF decoder's DecodeGifFromMemory function allows local attackers to trigger memory corruption through manipulation of the canvas_height parameter. Public exploit code exists for this vulnerability, and no patch is currently available. Affected users should restrict local access to the application until an update is released.

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3703 CRITICAL POC Act Now

Wavlink NU516U1 firmware 251208 has a buffer overflow enabling remote code execution through crafted HTTP requests to the CGI interface.

Buffer Overflow Wl Nu516u1 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-3701 HIGH POC This Week

Remote code execution in H3C Magic B1 firmware through a buffer overflow in the SSID configuration function allows unauthenticated attackers to gain complete system compromise over the network. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification. The flaw affects firmware versions up to 100R004 and requires only low complexity to exploit with valid credentials.

Buffer Overflow Magic B1 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3700 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware up to version 1.7.7-171114 through a stack buffer overflow in the DNS filter configuration function allows authenticated attackers to execute arbitrary commands with full system privileges. Public exploit code is available for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring organizations to implement network-level mitigations or device replacement until a fix is released.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3699 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 stems from an unsafe strcpy operation in the /goform/formRemoteControl function that enables unauthenticated attackers to trigger a buffer overflow. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3698 HIGH POC This Week

A buffer overflow in the NTP configuration handler of UTT HiPER 810G firmware versions up to 1.7.7-171114 enables authenticated remote attackers to achieve complete system compromise through memory corruption. Public exploit code exists for this vulnerability, and no patch is currently available. Affected devices face immediate risk of remote code execution with high privileges from any authenticated user.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3697 LOW Monitor

Stack Overflow's Language Package Configuration Handler contains a stack-based buffer overflow in the httpd component that can be triggered by manipulating the Language parameter, allowing authenticated remote attackers to achieve code execution. The vulnerability affects Planet ICG-2510 1.0_20250811 and currently lacks an available patch. An attacker with valid credentials can exploit this remotely without user interaction to potentially compromise the affected system.

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-30910 HIGH This Week

Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZE_MAX, which could lead to integer wraparound causing an undersized output buffer. [CVSS 7.5 HIGH]

Buffer Overflow Integer Overflow Denial Of Service Crypt
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-30909 CRITICAL Act Now

Perl Crypt::NaCl::Sodium module through 2.002 has potential integer overflows in cryptographic operations that could weaken security guarantees.

Integer Overflow Buffer Overflow Crypt
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-3679 HIGH POC This Week

Remote code execution in Tenda FH451 firmware via stack-based buffer overflow in the QuickIndex function allows unauthenticated attackers to execute arbitrary code by sending crafted requests with oversized PPPOEPassword parameters. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires network access and affects firmware version 1.0.0.9 and potentially other versions.

Buffer Overflow Stack Overflow F451 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3678 HIGH POC This Week

Remote code execution in Tenda FH451 firmware via stack-based buffer overflow in the WAN configuration endpoint allows unauthenticated attackers to achieve full system compromise through malicious wanmode or PPPOEPassword parameters. Public exploit code exists for this vulnerability, and no patch is currently available. Stack Overflow products are also reported as affected.

Buffer Overflow Stack Overflow Fh451 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3677 HIGH POC This Week

Stack overflow in Tenda FH451 firmware's setcfm function allows authenticated remote attackers to achieve complete system compromise through malicious funcname or funcpara1 parameters. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects firmware version 1.0.0.9 and enables remote code execution with high impact to confidentiality, integrity, and availability.

Buffer Overflow Stack Overflow Fh451 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3664 LOW POC Monitor

A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compound_document::read_directory of the file source/detail/cryptography/compound_document.cpp of the component Encrypted XLSX File Parser. [CVSS 3.3 LOW]

Buffer Overflow Xlnt
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3663 LOW POC Monitor

A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compound_document_istreambuf::xsgetn of the file source/detail/cryptography/compound_document.cpp of the component XLSX File Parser. [CVSS 3.3 LOW]

Buffer Overflow Xlnt
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2018-25198 MEDIUM POC This Month

eToolz 3.4.8.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying oversized input buffers. Attackers can create a payload file containing 255 bytes of data that triggers a buffer overflow condition when processed by the application. [CVSS 6.2 MEDIUM]

Buffer Overflow Denial Of Service Memory Corruption
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-29068 HIGH PATCH This Week

PJSIP versions prior to 2.17 are vulnerable to a stack buffer overflow in the RTP payload parsing mechanism when processing more frames than allocated buffers can accommodate, enabling remote denial of service attacks over the network without authentication. An attacker can trigger a crash by sending specially crafted RTP packets containing excessive frame data, causing the application to become unavailable.

Buffer Overflow Pjsip Red Hat
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-3613 HIGH POC This Week

Stack-based buffer overflow in Wavlink WL-NU516U1 firmware's login.cgi allows remote attackers with high privileges to achieve complete system compromise through a malformed ipaddr parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables unauthenticated remote code execution with full read, write, and execution capabilities on affected devices.

Buffer Overflow Stack Overflow Wl Nu516u1 Firmware
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-3606 LOW Monitor

A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. [CVSS 3.3 LOW]

Buffer Overflow Ettercap
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-70616 HIGH POC This Week

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. [CVSS 7.8 HIGH]

Linux Buffer Overflow Denial Of Service Privilege Escalation Wnbios64.Sys
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-70233 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70232 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70230 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70229 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-28547 MEDIUM This Month

Vulnerability of uninitialized pointer access in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 6.8 MEDIUM]

Buffer Overflow Harmonyos
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-28546 MEDIUM This Month

Buffer overflow vulnerability in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 5.9 MEDIUM]

Buffer Overflow Harmonyos
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-28552 MEDIUM This Month

Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 6.5 MEDIUM]

Buffer Overflow Harmonyos Emui
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28540 MEDIUM This Month

Out-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this vulnerability may affect service confidentiality. [CVSS 4.0 MEDIUM]

Buffer Overflow Harmonyos
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-22040 MEDIUM This Month

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. [CVSS 5.3 MEDIUM]

Memory Corruption Use After Free Buffer Overflow Nanomq
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-70222 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin,goform/getAuthCode. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70225 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWWConfig. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70221 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-46108 CRITICAL POC Act Now

D-link Dir-513 A1FW110 is vulnerable to Buffer Overflow in the function formTcpipSetup. [CVSS 9.8 CRITICAL]

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-3544 HIGH PATCH This Week

Google Chrome versions before 145.0.7632.159 contain a heap buffer overflow in the WebCodecs component that enables remote attackers to write data outside allocated memory bounds through malicious HTML pages. An unauthenticated attacker can exploit this vulnerability with minimal user interaction to achieve arbitrary code execution on affected systems. A patch is available in Chrome 145.0.7632.159 and later.

Google Buffer Overflow Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-70219 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formDeviceReboot. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-20024 MEDIUM This Month

OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software is affected by buffer overflow (CVSS 6.8).

Cisco Buffer Overflow Adaptive Security Appliance Software Firepower Threat Defense Software
NVD VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-20023 MEDIUM This Month

Memory corruption in Cisco Secure Firewall ASA and FTD OSPF packet processing allows adjacent, unauthenticated attackers to crash affected devices by sending crafted protocol packets. The vulnerability results in device reboot and denial of service, with no authentication or user interaction required. No patch is currently available.

Cisco Memory Corruption Denial Of Service Buffer Overflow
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-20020 MEDIUM This Month

Insufficient input validation in Cisco Secure Firewall ASA and Secure FTD OSPF implementations allows adjacent attackers to trigger denial of service by sending malformed OSPF update packets that cause device reloads. Authentication bypass is possible if OSPF authentication is disabled, though knowing the secret key is required when authentication is enabled. No patch is currently available for this medium-severity vulnerability.

Cisco Buffer Overflow
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-70226 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWizard. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70223 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvNetwork. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-20100 HIGH This Week

Cisco Secure Firewall ASA and FTD devices are vulnerable to a denial of service attack through the Remote Access SSL VPN feature, where authenticated attackers can trigger unvalidated input processing in the Lua interpreter to force device reloads. The vulnerability stems from insufficient input validation in the Lua interpreter and can be exploited by sending specially crafted HTTP packets over an existing VPN connection. No patch is currently available for this HIGH severity issue (CVSS 7.7).

Cisco Denial Of Service Buffer Overflow
NVD VulDB
CVSS 3.1
7.7
EPSS
0.2%
CVE-2025-70220 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70218 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvFirewall. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-23235 HIGH PATCH This Week

Local privilege escalation in Linux kernel f2fs sysfs attributes allows unprivileged users to trigger out-of-bounds memory access and cause denial of service by writing oversized integer values to filesystem control interfaces. The vulnerability stems from improper bounds checking when mapping sysfs attributes to kernel structures of varying integer sizes, enabling attackers to corrupt kernel memory and crash the system. No patch is currently available for this vulnerability.

Linux Buffer Overflow Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability [CVSS 7.8 HIGH]

Information Disclosure Buffer Overflow Microsoft +15
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Azure Linux Virtual Machines results from a heap-based buffer overflow that authenticated local users can exploit to gain elevated system access. An attacker with valid credentials can trigger memory corruption to bypass privilege restrictions and assume administrative control of the affected virtual machine. No patch is currently available, making this a critical risk for organizations running Azure Linux infrastructure.

Buffer Overflow Heap Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 versions up to 1.0.1 is affected by classic buffer overflow (CVSS 8.8).

Fortinet Buffer Overflow
NVD VulDB
EPSS 0% CVSS 8.1
HIGH This Week

A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is enabled. [CVSS 8.1 HIGH]

Fortinet Buffer Overflow Stack Overflow +1
NVD VulDB
EPSS 0% CVSS 5.9
MEDIUM This Month

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720VS, M730VS, and M750VS, M70V Series M70V, E70 Series E70, and Software Tools NC Trainer2 and NC Trainer2 plus allows a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition by sending specially crafted packets to TCP port 683. [CVSS 5.9 MEDIUM]

Buffer Overflow
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur.

Buffer Overflow Microsoft Heap Overflow +4
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur.

Buffer Overflow Imagemagick Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

BilateralBlurImage contains a heap buffer over-read caused by an incorrect conversion. When processing a crafted image with the `-bilateral-blur` operation an out of bounds read can occur. ``` ================================================================= ==676172==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x50a0000079c0 at pc 0x57b483c722f7 bp 0x7fffc0acd380 sp 0x7fffc0acd370 READ of size 4 at 0x50a0000079c0 thread T0 ```

Buffer Overflow Imagemagick Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out of bounds write.

Buffer Overflow Heap Overflow Imagemagick +2
NVD GitHub VulDB
EPSS 0% CVSS 7.7
HIGH PATCH This Week

High severity vulnerability in ImageMagick. MagnifyImage uses a fixed-size stack buffer. When using a specific image it is possible to overflow this buffer and corrupt the stack.

Buffer Overflow Stack Overflow Imagemagick +2
NVD GitHub VulDB
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

ImageMagick is free and open-source software used for editing and manipulating digital images. versions up to 7.1.2-16 is affected by buffer overflow (CVSS 5.7).

Buffer Overflow Imagemagick Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

High severity vulnerability in ImageMagick. An integer overflow in DIB coder can result in out of bounds read or write

Imagemagick Information Disclosure Buffer Overflow
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Heap over-read in ImageMagick's MAT decoder prior to versions 7.1.2-16 and 6.9.13-41 results from incorrect arithmetic parenthesization, allowing remote attackers to leak sensitive memory contents and cause denial of service through crafted MAT image files. The vulnerability requires no authentication or user interaction and affects systems using vulnerable ImageMagick versions for image processing. No patch is currently available, leaving users dependent on upgrading to patched versions when released.

Buffer Overflow Information Disclosure Imagemagick +2
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data.

Buffer Overflow Imagemagick Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation.

Buffer Overflow Imagemagick Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

High severity vulnerability in ImageMagick. A stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption.

Linux Buffer Overflow Imagemagick +2
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC This Week

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formdumpeasysetup. [CVSS 7.5 HIGH]

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard534. [CVSS 7.5 HIGH]

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard52. [CVSS 7.5 HIGH]

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. [CVSS 6.2 MEDIUM]

RCE Denial Of Service Buffer Overflow +3
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The rtsock_msg_buffer() function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddr_storage structure on the stack. [CVSS 7.5 HIGH]

Buffer Overflow Privilege Escalation Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 via a buffer overflow in the /goform/formApMail handler allows authenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at elevated risk. The attack requires network access but no user interaction, making it a significant threat to organizations using this device.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Unauthenticated remote attackers can achieve complete system compromise (code execution, data theft, and denial of service) against UTT HiPER 810G firmware versions up to 1.7.7-1711 through a buffer overflow in the /goform/getOneApConfTempEntry endpoint. Public exploit code is available and actively being leveraged in attacks. No patch is currently available for affected devices.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows authenticated remote attackers to achieve complete system compromise through a malformed page parameter in the /goform/P2pListFilter endpoint. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk of code execution and data theft.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH This Week

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise. [CVSS 8.8 HIGH]

Buffer Overflow Stack Overflow Universal Bacnet Router Firmware
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows authenticated attackers to achieve remote code execution through a malicious page parameter in the /goform/DhcpListClient endpoint. Public exploit code is available and the vulnerability remains unpatched, creating significant risk for deployed devices. This affects both the Tenda FH1202 router and Stack Overflow services with high severity impact on confidentiality, integrity, and availability.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows remote authenticated attackers to achieve complete system compromise through manipulation of the page parameter in the /goform/NatStaticSetting function. Public exploit code exists for this vulnerability and no patch is currently available. The flaw requires valid credentials but can be exploited over the network with no user interaction.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows remote authenticated attackers to achieve full system compromise through manipulation of the webSiteId parameter in the /goform/webtypelibrary function. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score of 8.8 reflects the potential for complete confidentiality, integrity, and availability impact.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 9.3
CRITICAL Act Now

Remote code execution in Atop Technologies EHG2408-series industrial Ethernet switches (including the EHG2408 and EHG2408-2SFP firmware) allows unauthenticated attackers to hijack the device's execution flow via a stack-based buffer overflow and run arbitrary code. The flaw was reported through Taiwan's CERT (TWCERT) and carries a CVSS 4.0 base score of 9.3, reflecting fully unauthenticated network exploitation with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis, and the EPSS score is low (0.14%, 34th percentile), suggesting exploitation has not yet been observed at scale.

Buffer Overflow Stack Overflow Atop Ehg2408 2sfp Firmware +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows remote attackers with low privileges to execute arbitrary code through crafted mit_ssid parameters sent to the AdvSetWrlsafeset function. Public exploit code exists for this vulnerability and no patch is currently available. The attack requires network access but no user interaction, making it readily exploitable in affected deployments.

Buffer Overflow Stack Overflow Fh1202 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Tenda i3 1.0.0.6(2204) firmware allows unauthenticated attackers to achieve full system compromise through a stack-based buffer overflow in the WifiMacFilterSet function. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring immediate mitigation through network segmentation or device isolation.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Tenda i3 firmware versions up to 1.0.0.6(2204) via stack-based buffer overflow in the WiFi MAC filter function allows unauthenticated attackers to achieve full system compromise over the network. Public exploit code exists for this vulnerability and no patch is currently available. The flaw requires only low complexity to exploit and affects the confidentiality, integrity, and availability of affected devices.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda i3 1.0.0.6(2204) firmware allows authenticated remote attackers to achieve code execution by manipulating the cmdinput parameter in the /goform/exeCommand function. Public exploit code exists for this vulnerability and no patch is currently available, placing affected devices at immediate risk.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda i3 1.0.0.6(2204) firmware allows authenticated remote attackers to achieve complete system compromise through manipulation of ping parameters in the setAutoPing function. Public exploit code exists for this vulnerability and no patch is currently available, creating significant risk for affected deployments.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack overflow in Tenda i3 firmware version 1.0.0.6(2204) allows authenticated remote attackers to achieve full system compromise through a malformed funcpara1 parameter in the /goform/setcfm endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can execute arbitrary code with full system privileges.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability. [CVSS 7.5 HIGH]

Industrial Buffer Overflow Denial Of Service +1
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow in Delta Electronics COMMGR2 communication management software. ICS vulnerability enabling remote code execution on industrial communication gateways.

Industrial Buffer Overflow Stack Overflow +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware 1.0.0.3 allows remote attackers with valid credentials to achieve unauthenticated code execution through a malformed GO parameter in the WrlclientSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations using vulnerable F453 devices should implement network segmentation and access controls to mitigate exploitation risk.

Golang Buffer Overflow Stack Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware version 1.0.0.3 allows authenticated remote attackers to achieve complete system compromise through a malformed GO parameter in the WrlExtraSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems face high risk of unauthorized code execution, data theft, and service disruption.

Golang Buffer Overflow Stack Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware allows unauthenticated remote attackers to execute arbitrary code through the cmdinput parameter in the /goform/exeCommand function, with public exploit code already available. The vulnerability affects F453 firmware version 1.0.0.3 and has a CVSS score of 8.8, enabling complete compromise of affected devices without requiring user interaction. No patch is currently available.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Out-of-bounds read in libssh versions up to 0.11.3 allows remote attackers to cause denial of service by manipulating the idx argument in the SFTP extension name handler functions. The vulnerability resides in the sftp_extensions_get_name and sftp_extensions_get_data functions, enabling unauthenticated attackers to trigger memory access violations without user interaction. Upgrading to libssh 0.11.4 or 0.12.0 resolves this issue.

Buffer Overflow Libssh Red Hat +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Tenda F453 firmware versions 1.0.0.3 and 3.As via stack-based buffer overflow in the PPTP client configuration endpoint allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for affected devices.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware versions 1.0.0.3/1.1f allows authenticated remote attackers to execute arbitrary code through malformed funcname/funcpara1 parameters in the /goform/setcfm endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score of 8.8 reflects the complete compromise potential of affected devices.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated attackers to achieve remote code execution through improper input validation in the QuickIndex handler. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at significant risk of compromise.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated remote attackers to achieve full system compromise through a malicious page parameter in the webExcptypemanFilter function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction, making it a significant risk for affected devices.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Wavlink WL-WN579X3-C firmware through stack-based buffer overflow in the firewall.cgi module allows unauthenticated attackers to achieve complete system compromise via manipulation of the del_flag parameter. Public exploit code exists for this vulnerability, and no patch is currently available despite vendor notification. Affected users should immediately restrict network access to the affected device until a firmware update becomes available.

Buffer Overflow Stack Overflow Wl Wn579x3 C Firmware
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW POC PATCH Monitor

Heap buffer overflow in libpng's pnm2png utility (versions up to 1.6.55) allows local attackers to corrupt memory and potentially execute code by supplying malicious width or height parameters. The vulnerability requires local access and public exploit code is available. The maintainers have not yet provided a patch despite early notification.

Buffer Overflow
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW Monitor

Integer overflow in MrNanko webp4j versions up to 1.3.x within the GIF decoder's DecodeGifFromMemory function allows local attackers to trigger memory corruption through manipulation of the canvas_height parameter. Public exploit code exists for this vulnerability, and no patch is currently available. Affected users should restrict local access to the application until an update is released.

Buffer Overflow
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Wavlink NU516U1 firmware 251208 has a buffer overflow enabling remote code execution through crafted HTTP requests to the CGI interface.

Buffer Overflow Wl Nu516u1 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in H3C Magic B1 firmware through a buffer overflow in the SSID configuration function allows unauthenticated attackers to gain complete system compromise over the network. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification. The flaw affects firmware versions up to 100R004 and requires only low complexity to exploit with valid credentials.

Buffer Overflow Magic B1 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware up to version 1.7.7-171114 through a stack buffer overflow in the DNS filter configuration function allows authenticated attackers to execute arbitrary commands with full system privileges. Public exploit code is available for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring organizations to implement network-level mitigations or device replacement until a fix is released.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 stems from an unsafe strcpy operation in the /goform/formRemoteControl function that enables unauthenticated attackers to trigger a buffer overflow. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

A buffer overflow in the NTP configuration handler of UTT HiPER 810G firmware versions up to 1.7.7-171114 enables authenticated remote attackers to achieve complete system compromise through memory corruption. Public exploit code exists for this vulnerability, and no patch is currently available. Affected devices face immediate risk of remote code execution with high privileges from any authenticated user.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Stack Overflow's Language Package Configuration Handler contains a stack-based buffer overflow in the httpd component that can be triggered by manipulating the Language parameter, allowing authenticated remote attackers to achieve code execution. The vulnerability affects Planet ICG-2510 1.0_20250811 and currently lacks an available patch. An attacker with valid credentials can exploit this remotely without user interaction to potentially compromise the affected system.

Buffer Overflow
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZE_MAX, which could lead to integer wraparound causing an undersized output buffer. [CVSS 7.5 HIGH]

Buffer Overflow Integer Overflow Denial Of Service +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Perl Crypt::NaCl::Sodium module through 2.002 has potential integer overflows in cryptographic operations that could weaken security guarantees.

Integer Overflow Buffer Overflow Crypt
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Tenda FH451 firmware via stack-based buffer overflow in the QuickIndex function allows unauthenticated attackers to execute arbitrary code by sending crafted requests with oversized PPPOEPassword parameters. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires network access and affects firmware version 1.0.0.9 and potentially other versions.

Buffer Overflow Stack Overflow F451 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Tenda FH451 firmware via stack-based buffer overflow in the WAN configuration endpoint allows unauthenticated attackers to achieve full system compromise through malicious wanmode or PPPOEPassword parameters. Public exploit code exists for this vulnerability, and no patch is currently available. Stack Overflow products are also reported as affected.

Buffer Overflow Stack Overflow Fh451 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack overflow in Tenda FH451 firmware's setcfm function allows authenticated remote attackers to achieve complete system compromise through malicious funcname or funcpara1 parameters. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects firmware version 1.0.0.9 and enables remote code execution with high impact to confidentiality, integrity, and availability.

Buffer Overflow Stack Overflow Fh451 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW POC Monitor

A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compound_document::read_directory of the file source/detail/cryptography/compound_document.cpp of the component Encrypted XLSX File Parser. [CVSS 3.3 LOW]

Buffer Overflow Xlnt
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW POC Monitor

A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compound_document_istreambuf::xsgetn of the file source/detail/cryptography/compound_document.cpp of the component XLSX File Parser. [CVSS 3.3 LOW]

Buffer Overflow Xlnt
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

eToolz 3.4.8.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying oversized input buffers. Attackers can create a payload file containing 255 bytes of data that triggers a buffer overflow condition when processed by the application. [CVSS 6.2 MEDIUM]

Buffer Overflow Denial Of Service Memory Corruption
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

PJSIP versions prior to 2.17 are vulnerable to a stack buffer overflow in the RTP payload parsing mechanism when processing more frames than allocated buffers can accommodate, enabling remote denial of service attacks over the network without authentication. An attacker can trigger a crash by sending specially crafted RTP packets containing excessive frame data, causing the application to become unavailable.

Buffer Overflow Pjsip Red Hat
NVD GitHub VulDB
EPSS 0% CVSS 7.2
HIGH POC This Week

Stack-based buffer overflow in Wavlink WL-NU516U1 firmware's login.cgi allows remote attackers with high privileges to achieve complete system compromise through a malformed ipaddr parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables unauthenticated remote code execution with full read, write, and execution capabilities on affected devices.

Buffer Overflow Stack Overflow Wl Nu516u1 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW Monitor

A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. [CVSS 3.3 LOW]

Buffer Overflow Ettercap
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH POC This Week

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. [CVSS 7.8 HIGH]

Linux Buffer Overflow Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

Vulnerability of uninitialized pointer access in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 6.8 MEDIUM]

Buffer Overflow Harmonyos
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Buffer overflow vulnerability in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 5.9 MEDIUM]

Buffer Overflow Harmonyos
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 6.5 MEDIUM]

Buffer Overflow Harmonyos Emui
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Out-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this vulnerability may affect service confidentiality. [CVSS 4.0 MEDIUM]

Buffer Overflow Harmonyos
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. [CVSS 5.3 MEDIUM]

Memory Corruption Use After Free Buffer Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin,goform/getAuthCode. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWWConfig. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

D-link Dir-513 A1FW110 is vulnerable to Buffer Overflow in the function formTcpipSetup. [CVSS 9.8 CRITICAL]

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Google Chrome versions before 145.0.7632.159 contain a heap buffer overflow in the WebCodecs component that enables remote attackers to write data outside allocated memory bounds through malicious HTML pages. An unauthenticated attacker can exploit this vulnerability with minimal user interaction to achieve arbitrary code execution on affected systems. A patch is available in Chrome 145.0.7632.159 and later.

Google Buffer Overflow Chrome +2
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formDeviceReboot. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 5.7
MEDIUM This Month

OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software is affected by buffer overflow (CVSS 6.8).

Cisco Buffer Overflow Adaptive Security Appliance Software +1
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

Memory corruption in Cisco Secure Firewall ASA and FTD OSPF packet processing allows adjacent, unauthenticated attackers to crash affected devices by sending crafted protocol packets. The vulnerability results in device reboot and denial of service, with no authentication or user interaction required. No patch is currently available.

Cisco Memory Corruption Denial Of Service +1
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM This Month

Insufficient input validation in Cisco Secure Firewall ASA and Secure FTD OSPF implementations allows adjacent attackers to trigger denial of service by sending malformed OSPF update packets that cause device reloads. Authentication bypass is possible if OSPF authentication is disabled, though knowing the secret key is required when authentication is enabled. No patch is currently available for this medium-severity vulnerability.

Cisco Buffer Overflow
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWizard. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvNetwork. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 7.7
HIGH This Week

Cisco Secure Firewall ASA and FTD devices are vulnerable to a denial of service attack through the Remote Access SSL VPN feature, where authenticated attackers can trigger unvalidated input processing in the Lua interpreter to force device reloads. The vulnerability stems from insufficient input validation in the Lua interpreter and can be exploited by sending specially crafted HTTP packets over an existing VPN connection. No patch is currently available for this HIGH severity issue (CVSS 7.7).

Cisco Denial Of Service Buffer Overflow
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvFirewall. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Local privilege escalation in Linux kernel f2fs sysfs attributes allows unprivileged users to trigger out-of-bounds memory access and cause denial of service by writing oversized integer values to filesystem control interfaces. The vulnerability stems from improper bounds checking when mapping sysfs attributes to kernel structures of varying integer sizes, enabling attackers to corrupt kernel memory and crash the system. No patch is currently available for this vulnerability.

Linux Buffer Overflow Information Disclosure +3
NVD VulDB
Prev Page 39 of 402 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy