Skip to main content

Stack Overflow

2223 CVEs technique

Monthly

CVE-2025-32010 HIGH This Month

A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Tenda Buffer Overflow Stack Overflow RCE Ac6 Firmware
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2024-45062 MEDIUM POC This Month

A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Ippusbxd Firmware
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2023-43683 MEDIUM This Month

An issue was discovered in Malwarebytes 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2012-10060 CRITICAL POC THREAT Emergency

Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 69.1%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB VulDB
CVSS 4.0
9.3
EPSS
69.1%
Threat
5.4
CVE-2012-10058 CRITICAL POC THREAT Emergency

RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 54.7%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
CVSS 4.0
10.0
EPSS
54.7%
Threat
5.1
CVE-2012-10057 HIGH POC Act Now

Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
CVSS 4.0
8.4
EPSS
1.9%
CVE-2025-46405 HIGH This Month

When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Big Ip Access Policy Manager
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-32766 MEDIUM This Month

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via. Rated medium severity (CVSS 6.4). No vendor patch available.

Buffer Overflow Fortinet Stack Overflow RCE Fortiweb
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-49564 HIGH This Week

Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2012-10053 CRITICAL POC THREAT Emergency

Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 64.3%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
64.3%
Threat
5.3
CVE-2012-10051 HIGH POC Act Now

Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow
NVD Exploit-DB
CVSS 4.0
8.4
EPSS
6.9%
CVE-2012-10043 CRITICAL POC Emergency

A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
4.6%
CVE-2025-23311 CRITICAL This Week

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow RCE Denial Of Service +2
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-23310 CRITICAL This Week

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow RCE Microsoft +4
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-8653 HIGH This Month

Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Dmx958Xr Firmware
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2025-54617 MEDIUM This Month

Stack-based buffer overflow vulnerability in the dms_fwk module. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Harmonyos
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2013-10068 CRITICAL POC THREAT Emergency

Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 54.7%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB VulDB
CVSS 4.0
9.4
EPSS
54.7%
Threat
5.0
CVE-2013-10064 CRITICAL POC THREAT Emergency

A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 63.8%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
63.8%
Threat
5.3
CVE-2012-10031 HIGH POC THREAT Act Now

BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.0%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
CVSS 4.0
8.6
EPSS
53.0%
Threat
4.8
CVE-2012-10023 MEDIUM POC THREAT This Month

A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 70.6%.

Buffer Overflow Stack Overflow RCE Freefloat Ftp Server
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
70.6%
Threat
5.0
CVE-2025-7032 HIGH This Month

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Rockwell Buffer Overflow Stack Overflow Arena
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-7844 LOW Monitor

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default `MAX_RSA_KEY_BITS=2048` is used. Rated low severity (CVSS 1.0), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow
NVD GitHub
CVSS 4.0
1.0
EPSS
0.0%
CVE-2025-23284 HIGH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow RCE Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23283 HIGH PATCH This Month

NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow RCE Denial Of Service +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-8477 HIGH This Month

Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Ilx 507 Firmware
NVD
CVSS 3.0
7.4
EPSS
0.1%
CVE-2025-8475 HIGH This Month

Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Ilx 507 Firmware
NVD
CVSS 3.0
7.4
EPSS
0.1%
CVE-2025-8474 MEDIUM This Month

Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Stack Overflow RCE Ilx 507 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2025-8472 HIGH This Week

Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Ilx 507 Firmware
NVD
CVSS 3.0
7.4
EPSS
0.1%
CVE-2025-53009 PyPI MEDIUM POC PATCH This Month

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Stack Overflow Materialx
NVD GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2025-51088 MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 firmware V16.03.34.06 exposes the /goform/WifiGuestSet HTTP endpoint to unauthenticated remote attackers via the `shareSpeed` parameter, which lacks proper bounds checking before stack allocation. The official CVSS scores only availability impact (A:L), but stack overflows in embedded router firmware routinely yield remote code execution in practice - the 93rd-percentile EPSS score and a publicly available PoC reinforce elevated real-world risk. No public exploitation or CISA KEV listing has been confirmed at time of analysis, though the PoC lowers the barrier to active targeting of unpatched devices.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
6.8%
CVE-2025-51087 HIGH POC This Week

Stack-based buffer overflow in the Tenda AC8V4 router (firmware V16.03.34.06) lets remote attackers corrupt memory by supplying an oversized 'time' parameter to the /goform/saveParentControlInfo web endpoint. Per the published CVSS vector the flaw is network-reachable with no authentication (PR:N) and low complexity, and publicly available exploit code exists (no public exploit identified as actively exploited in CISA KEV). The EPSS score of 8.43% (94th percentile) marks it as elevated exploitation likelihood relative to the CVE population.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
8.6
EPSS
8.4%
CVE-2025-51085 MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 firmware version 16.03.34.06 allows unauthenticated remote attackers to crash the device by sending a crafted HTTP request to the /goform/SetSysTimeCfg endpoint with oversized timeZone or timeType parameters. The vulnerability requires no authentication or user interaction per the CVSS:3.1 vector (PR:N/UI:N), making it trivially exploitable against any network-accessible management interface. A publicly available proof-of-concept exists on GitHub, and the EPSS score of 6.77% at the 93rd percentile signals meaningfully elevated exploitation probability relative to most CVEs - no public exploit identified at time of analysis as confirmed by CISA KEV, but POC availability lowers the bar for less-skilled actors.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
6.8%
CVE-2025-51082 MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 home router firmware V16.03.34.06 exposes remote unauthenticated attackers to device crash or potential arbitrary code execution by submitting an oversized timeZone parameter to the /goform/fast_setting_wifi_set endpoint. The CVSS vector confirms no authentication is required and no user interaction is needed; a public proof-of-concept is available on GitHub. No public exploit identified at time of analysis as actively exploited by CISA KEV, but the combination of zero-authentication network access and available POC meaningfully lowers the barrier for exploitation beyond the low EPSS score of 0.47% suggests.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2025-34096 CRITICAL POC THREAT Emergency

Easy File Sharing HTTP Server version 7.2 contains a stack-based buffer overflow triggered by an oversized Email parameter in POST requests to /sendemail.ghp. Unauthenticated attackers can exploit this for remote code execution on the Windows server.

RCE Buffer Overflow Stack Overflow Denial Of Service
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
49.1%
Threat
4.8
CVE-2025-38320 HIGH PATCH This Week

CVE-2025-38320 is a security vulnerability (CVSS 7.1). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Linux Stack Overflow Denial Of Service Debian Linux Linux Kernel +2
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-47120 MEDIUM This Month

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Buffer Overflow Adobe Stack Overflow Framemaker
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-56468 HIGH This Week

IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 could allow a remote user to cause a denial of service by sending an invalid HTTP request to the log reading service.

IBM Buffer Overflow Stack Overflow Denial Of Service Infosphere Data Replication
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-49528 HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Stack Overflow Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49527 HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Stack Overflow Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-5451 MEDIUM This Month

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service.

Buffer Overflow Ivanti Stack Overflow Denial Of Service Connect Secure +1
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2025-40741 HIGH This Week

A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted CFG files. This could allow an attacker to execute code in the context of the current process.

Buffer Overflow Stack Overflow Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-25176 CRITICAL POC PATCH Act Now

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.

Buffer Overflow Stack Overflow Ubuntu Debian Luajit +2
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-6663 HIGH PATCH This Week

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability.

RCE Buffer Overflow Stack Overflow Gstreamer Red Hat
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-53176 LOW Monitor

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-53175 MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-53174 MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-53173 MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-53172 MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-53171 MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2024-58117 MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-6073 HIGH This Week

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer for username or password. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.

Buffer Overflow Stack Overflow
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-6072 HIGH This Week

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.

Buffer Overflow Stack Overflow
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-50260 HIGH POC This Week

Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter.

Buffer Overflow Stack Overflow Ac6 Firmware Tenda
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-43025 HIGH This Week

HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.).

Buffer Overflow Stack Overflow Denial Of Service Universal Print Driver
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-24328 MEDIUM This Month

Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later. The OAM service component restarts automatically after the stack overflow without causing a base station restart or network service degradation, and without leaving any permanent impact on the Nokia Single RAN baseband OAM service.

Buffer Overflow Stack Overflow
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2024-53621 HIGH This Week

A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 11ac US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Buffer Overflow Stack Overflow Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-50528 HIGH POC This Week

A buffer overflow vulnerability exists in the fromNatStaticSetting function of Tenda AC6 <=V15.03.05.19 via the page parameter.

Buffer Overflow Stack Overflow Ac6 Firmware Tenda
NVD GitHub
CVSS 3.1
7.3
EPSS
0.1%
CVE-2025-5829 MEDIUM This Month

Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of JSON messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26330.

RCE Buffer Overflow Stack Overflow Maxicharger Dc Compact Pedestal Firmware Maxicharger Dc Compact Mobile Firmware +7
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-6617 HIGH POC This Week

CVE-2025-6617 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the /goform/formAdvanceSetup endpoint. An authenticated attacker can remotely exploit this vulnerability by manipulating the 'webpage' parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impacts). The vulnerability has public exploit disclosure and affects only end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Stack Overflow RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-52999 Maven HIGH PATCH This Week

jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly large. jackson-core 2.15.0 contains a configurable limit for how deep Jackson will traverse in an input document, defaulting to an allowable depth of 1000. jackson-core will throw a StreamConstraintsException if the limit is reached. jackson-databind also benefits from this change because it uses jackson-core to parse JSON inputs. As a workaround, users should avoid parsing input files from untrusted sources.

Buffer Overflow Stack Overflow Ubuntu Debian Red Hat +1
NVD GitHub HeroDevs
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-6614 HIGH POC This Week

CVE-2025-6614 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the WAN configuration function. An authenticated remote attacker can exploit this vulnerability by manipulating the 'curTime' parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impacts). The vulnerability has public exploit disclosure and affects only end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Stack Overflow RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6487 HIGH POC This Week

CVE-2025-6487 is a critical stack-based buffer overflow vulnerability in TOTOLINK A3002R router firmware version 1.1.1-B20200824.0128, affecting the formRoute function's subnet parameter processing. An authenticated remote attacker can exploit this to achieve arbitrary code execution with high confidentiality, integrity, and availability impact. The vulnerability has public exploit disclosure and should be treated as actively exploitable.

Buffer Overflow TP-Link Stack Overflow RCE A3002r Firmware +1
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6371 HIGH POC This Week

CVE-2025-6371 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the formSetEnableWizard function. An authenticated remote attacker can exploit this vulnerability by manipulating the 'curTime' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Exploitation has been publicly disclosed with proof-of-concept available, and this vulnerability only affects end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Stack Overflow RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-6170 LOW POC PATCH CISA Monitor

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files.

Buffer Overflow Stack Overflow Jboss Core Services Openshift Container Platform Enterprise Linux +1
NVD GitHub VulDB
CVSS 3.1
2.5
EPSS
0.0%
Threat
4.0
CVE-2025-49589 MEDIUM PATCH This Month

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP Console Logging. This vulnerability is fixed in 2.3.414.

Buffer Overflow Stack Overflow RCE Ubuntu Debian +1
NVD GitHub
CVSS 4.0
6.1
EPSS
0.1%
CVE-2025-5622 CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 wireless router (version 1.10CNB05) affecting the 5GHz wireless configuration interface. An unauthenticated remote attacker can exploit improper input validation in the wirelessApcli_5g function to achieve complete system compromise including arbitrary code execution, data theft, and service disruption. Public exploit code exists and the affected product line is end-of-life, creating significant risk for unpatched deployments.

Buffer Overflow D-Link Stack Overflow RCE Dir 816 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-44172 MEDIUM POC This Month

Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.

Buffer Overflow Stack Overflow Ac6 Firmware Tenda
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-49350 MEDIUM This Month

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Stack Overflow Buffer Overflow Denial Of Service Microsoft +2
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-5278 MEDIUM PATCH This Month

A flaw was found in GNU Coreutils. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Stack Overflow
NVD VulDB
CVSS 3.1
4.4
EPSS
0.1%
CVE-2025-48796 HIGH PATCH This Week

A flaw was found in GIMP. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2025-3484 CRITICAL This Week

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Pacs Server
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2025-3483 HIGH This Month

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Pacs Server
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2025-3482 HIGH This Month

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Pacs Server
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2025-3481 HIGH This Month

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Pacs Server
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2025-41426 CRITICAL Act Now

Affected Vertiv products contain a stack based buffer overflow vulnerability. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow
NVD
CVSS 4.0
9.3
EPSS
0.9%
CVE-2025-48060 HIGH POC PATCH This Week

jq is a command-line JSON processor. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Jq Red Hat Suse
NVD GitHub
CVSS 4.0
7.7
EPSS
0.6%
CVE-2025-44895 MEDIUM POC This Week

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ipv4Aclkey parameter in the web_acl_ipv4BasedAceAdd function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-44892 MEDIUM POC This Week

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ownekey parameter in the web_rmon_alarm_post_rmon_alarm function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-44898 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44897 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip parameter in the web_tool_upgradeManager_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44896 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName parameter in the web_acl_bindEdit_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44894 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parameter in the web_radiusSrv_dftParam_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44891 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44883 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44893 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNamekey parameter in the web_acl_mgmt_Rules_Apply_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44890 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_notifyv3_add_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44888 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name parameter in the web_stp_globalSetting_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44887 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in the web_radiusSrv_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44886 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44885 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip parameter in the web_snmpv3_remote_engineId_add_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
EPSS 1% CVSS 8.1
HIGH This Month

A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Tenda Buffer Overflow Stack Overflow +2
NVD
EPSS 0% CVSS 6.4
MEDIUM POC This Month

A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in Malwarebytes 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow
NVD
EPSS 69% 5.4 CVSS 9.3
CRITICAL POC THREAT Emergency

Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 69.1%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB VulDB
EPSS 55% 5.1 CVSS 10.0
CRITICAL POC THREAT Emergency

RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 54.7%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
EPSS 2% CVSS 8.4
HIGH POC Act Now

Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
EPSS 0% CVSS 8.7
HIGH This Month

When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Big Ip Access Policy Manager
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via. Rated medium severity (CVSS 6.4). No vendor patch available.

Buffer Overflow Fortinet Stack Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 64% 5.3 CVSS 9.3
CRITICAL POC THREAT Emergency

Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 64.3%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
EPSS 7% CVSS 8.4
HIGH POC Act Now

Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow
NVD Exploit-DB
EPSS 5% CVSS 9.3
CRITICAL POC Emergency

A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL This Week

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow +4
NVD
EPSS 1% CVSS 9.8
CRITICAL This Week

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow +6
NVD
EPSS 0% CVSS 8.8
HIGH This Month

Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Stack-based buffer overflow vulnerability in the dms_fwk module. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Harmonyos
NVD
EPSS 55% 5.0 CVSS 9.4
CRITICAL POC THREAT Emergency

Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 54.7%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB VulDB
EPSS 64% 5.3 CVSS 9.3
CRITICAL POC THREAT Emergency

A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 63.8%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
EPSS 53% 4.8 CVSS 8.6
HIGH POC THREAT Act Now

BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.0%.

Buffer Overflow Stack Overflow RCE
NVD Exploit-DB
EPSS 71% 5.0 CVSS 6.9
MEDIUM POC THREAT This Month

A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 70.6%.

Buffer Overflow Stack Overflow RCE +1
NVD Exploit-DB
EPSS 0% CVSS 8.4
HIGH This Month

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Rockwell Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 1.0
LOW Monitor

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default `MAX_RSA_KEY_BITS=2048` is used. Rated low severity (CVSS 1.0), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow +4
NVD
EPSS 0% CVSS 7.4
HIGH This Month

Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 7.4
HIGH This Month

Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Stack Overflow +2
NVD
EPSS 0% CVSS 7.4
HIGH This Week

Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Stack Overflow +1
NVD GitHub
EPSS 7% CVSS 5.3
MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 firmware V16.03.34.06 exposes the /goform/WifiGuestSet HTTP endpoint to unauthenticated remote attackers via the `shareSpeed` parameter, which lacks proper bounds checking before stack allocation. The official CVSS scores only availability impact (A:L), but stack overflows in embedded router firmware routinely yield remote code execution in practice - the 93rd-percentile EPSS score and a publicly available PoC reinforce elevated real-world risk. No public exploitation or CISA KEV listing has been confirmed at time of analysis, though the PoC lowers the barrier to active targeting of unpatched devices.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub
EPSS 8% CVSS 8.6
HIGH POC This Week

Stack-based buffer overflow in the Tenda AC8V4 router (firmware V16.03.34.06) lets remote attackers corrupt memory by supplying an oversized 'time' parameter to the /goform/saveParentControlInfo web endpoint. Per the published CVSS vector the flaw is network-reachable with no authentication (PR:N) and low complexity, and publicly available exploit code exists (no public exploit identified as actively exploited in CISA KEV). The EPSS score of 8.43% (94th percentile) marks it as elevated exploitation likelihood relative to the CVE population.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub
EPSS 7% CVSS 5.3
MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 firmware version 16.03.34.06 allows unauthenticated remote attackers to crash the device by sending a crafted HTTP request to the /goform/SetSysTimeCfg endpoint with oversized timeZone or timeType parameters. The vulnerability requires no authentication or user interaction per the CVSS:3.1 vector (PR:N/UI:N), making it trivially exploitable against any network-accessible management interface. A publicly available proof-of-concept exists on GitHub, and the EPSS score of 6.77% at the 93rd percentile signals meaningfully elevated exploitation probability relative to most CVEs - no public exploit identified at time of analysis as confirmed by CISA KEV, but POC availability lowers the bar for less-skilled actors.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 home router firmware V16.03.34.06 exposes remote unauthenticated attackers to device crash or potential arbitrary code execution by submitting an oversized timeZone parameter to the /goform/fast_setting_wifi_set endpoint. The CVSS vector confirms no authentication is required and no user interaction is needed; a public proof-of-concept is available on GitHub. No public exploit identified at time of analysis as actively exploited by CISA KEV, but the combination of zero-authentication network access and available POC meaningfully lowers the barrier for exploitation beyond the low EPSS score of 0.47% suggests.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub
EPSS 49% 4.8 CVSS 9.3
CRITICAL POC THREAT Emergency

Easy File Sharing HTTP Server version 7.2 contains a stack-based buffer overflow triggered by an oversized Email parameter in POST requests to /sendemail.ghp. Unauthenticated attackers can exploit this for remote code execution on the Windows server.

RCE Buffer Overflow Stack Overflow +1
NVD Exploit-DB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

CVE-2025-38320 is a security vulnerability (CVSS 7.1). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Linux Stack Overflow Denial Of Service +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Buffer Overflow Adobe Stack Overflow +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 could allow a remote user to cause a denial of service by sending an invalid HTTP request to the log reading service.

IBM Buffer Overflow Stack Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service.

Buffer Overflow Ivanti Stack Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted CFG files. This could allow an attacker to execute code in the context of the current process.

Buffer Overflow Stack Overflow Solid Edge
NVD
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.

Buffer Overflow Stack Overflow Ubuntu +4
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability.

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

Buffer Overflow Stack Overflow Harmonyos
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer for username or password. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.

Buffer Overflow Stack Overflow
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.

Buffer Overflow Stack Overflow
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter.

Buffer Overflow Stack Overflow Ac6 Firmware +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.).

Buffer Overflow Stack Overflow Denial Of Service +1
NVD
EPSS 0% CVSS 4.2
MEDIUM This Month

Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later. The OAM service component restarts automatically after the stack overflow without causing a base station restart or network service degradation, and without leaving any permanent impact on the Nokia Single RAN baseband OAM service.

Buffer Overflow Stack Overflow
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 11ac US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Buffer Overflow Stack Overflow Denial Of Service
NVD GitHub
EPSS 0% CVSS 7.3
HIGH POC This Week

A buffer overflow vulnerability exists in the fromNatStaticSetting function of Tenda AC6 <=V15.03.05.19 via the page parameter.

Buffer Overflow Stack Overflow Ac6 Firmware +1
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of JSON messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26330.

RCE Buffer Overflow Stack Overflow +9
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6617 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the /goform/formAdvanceSetup endpoint. An authenticated attacker can remotely exploit this vulnerability by manipulating the 'webpage' parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impacts). The vulnerability has public exploit disclosure and affects only end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Stack Overflow +2
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly large. jackson-core 2.15.0 contains a configurable limit for how deep Jackson will traverse in an input document, defaulting to an allowable depth of 1000. jackson-core will throw a StreamConstraintsException if the limit is reached. jackson-databind also benefits from this change because it uses jackson-core to parse JSON inputs. As a workaround, users should avoid parsing input files from untrusted sources.

Buffer Overflow Stack Overflow Ubuntu +3
NVD GitHub HeroDevs
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6614 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the WAN configuration function. An authenticated remote attacker can exploit this vulnerability by manipulating the 'curTime' parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impacts). The vulnerability has public exploit disclosure and affects only end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Stack Overflow +2
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6487 is a critical stack-based buffer overflow vulnerability in TOTOLINK A3002R router firmware version 1.1.1-B20200824.0128, affecting the formRoute function's subnet parameter processing. An authenticated remote attacker can exploit this to achieve arbitrary code execution with high confidentiality, integrity, and availability impact. The vulnerability has public exploit disclosure and should be treated as actively exploitable.

Buffer Overflow TP-Link Stack Overflow +3
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6371 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the formSetEnableWizard function. An authenticated remote attacker can exploit this vulnerability by manipulating the 'curTime' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Exploitation has been publicly disclosed with proof-of-concept available, and this vulnerability only affects end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Stack Overflow +2
NVD GitHub VulDB
EPSS 0% 4.0 CVSS 2.5
LOW POC PATCH Monitor

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files.

Buffer Overflow Stack Overflow Jboss Core Services +3
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP Console Logging. This vulnerability is fixed in 2.3.414.

Buffer Overflow Stack Overflow RCE +3
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 wireless router (version 1.10CNB05) affecting the 5GHz wireless configuration interface. An unauthenticated remote attacker can exploit improper input validation in the wirelessApcli_5g function to achieve complete system compromise including arbitrary code execution, data theft, and service disruption. Public exploit code exists and the affected product line is end-of-life, creating significant risk for unpatched deployments.

Buffer Overflow D-Link Stack Overflow +2
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.

Buffer Overflow Stack Overflow Ac6 Firmware +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Stack Overflow Buffer Overflow +4
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

A flaw was found in GNU Coreutils. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Stack Overflow
NVD VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

A flaw was found in GIMP. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow
NVD
EPSS 2% CVSS 9.8
CRITICAL This Week

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Month

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Month

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Month

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

Affected Vertiv products contain a stack based buffer overflow vulnerability. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow
NVD
EPSS 1% CVSS 7.7
HIGH POC PATCH This Week

jq is a command-line JSON processor. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Jq +2
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Week

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ipv4Aclkey parameter in the web_acl_ipv4BasedAceAdd function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Week

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ownekey parameter in the web_rmon_alarm_post_rmon_alarm function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip parameter in the web_tool_upgradeManager_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName parameter in the web_acl_bindEdit_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parameter in the web_radiusSrv_dftParam_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNamekey parameter in the web_acl_mgmt_Rules_Apply_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_notifyv3_add_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name parameter in the web_stp_globalSetting_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in the web_radiusSrv_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip parameter in the web_snmpv3_remote_engineId_add_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
Prev Page 10 of 25 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy