Skip to main content

Stack Overflow

2223 CVEs technique

Monthly

CVE-2020-15417 MEDIUM This Month

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow RCE R6700 Firmware
NVD
CVSS 3.1
6.3
EPSS
1.3%
CVE-2020-15416 HIGH This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
6.4%
CVE-2020-10924 HIGH POC THREAT This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
87.3%
CVE-2020-14511 CRITICAL Act Now

Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Edr G902 T Firmware Edr G902 Firmware Edr G903 T Firmware +1
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2020-12498 HIGH This Week

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Pc Worx Pc Worx Express
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2020-12497 HIGH This Week

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Pc Worx Pc Worx Express
NVD
CVSS 3.1
7.8
EPSS
14.7%
CVE-2020-4044 HIGH PATCH This Week

The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Stack Overflow Xrdp
NVD GitHub
CVSS 3.1
7.8
EPSS
2.4%
CVE-2020-12019 CRITICAL Act Now

WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Webaccess
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-2027 HIGH This Week

A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Paloalto Pan Os
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2020-2006 HIGH This Week

A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Paloalto Pan Os
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2020-12002 CRITICAL Act Now

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Webaccess
NVD
CVSS 3.1
9.8
EPSS
9.1%
CVE-2020-6996 CRITICAL Act Now

Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected:3.16.00 through 3.25.01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Dnp3 Source Code Library
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-10615 HIGH This Week

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Scada Data Gateway
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2020-10639 HIGH This Week

Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Hmisoft Vu3 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1990 HIGH This Week

A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Paloalto Pan Os
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2020-5735 HIGH POC KEV THREAT This Week

Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Stack Overflow 1080 Lite 8Ch Firmware Amdv10814 H5 Firmware +16
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
35.6%
CVE-2020-10599 CRITICAL Act Now

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Vbase Editor Vbase Web Remote
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-7065 HIGH POC PATCH This Week

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Stack Overflow PHP Debian Linux +2
NVD
CVSS 3.1
8.8
EPSS
4.8%
CVE-2020-5344 CRITICAL Act Now

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Dell Idrac7 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2020-10607 HIGH This Week

In Advantech WebAccess, Versions 8.4.2 and prior. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Webaccess
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2020-10881 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow TP-Link Ac1750 Firmware
NVD
CVSS 3.1
9.8
EPSS
10.9%
CVE-2020-7007 CRITICAL Act Now

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Eds G516E Firmware Eds 510E Firmware
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2020-6989 CRITICAL Act Now

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Pt 7528 24Tx Hv Firmware Pt 7528 24Tx Hv Hv Firmware +53
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2020-7002 HIGH This Week

Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cncsoft Screeneditor
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2020-8860 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Stack Overflow RCE Android
NVD
CVSS 3.1
8.0
EPSS
0.7%
CVE-2020-5234 NuGet MEDIUM PATCH This Month

MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Stack Overflow Messagepack
NVD GitHub
CVSS 3.1
6.5
EPSS
1.6%
CVE-2020-5204 HIGH PATCH This Week

In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Stack Overflow Uftpd
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2019-15695 HIGH POC PATCH This Week

TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow RCE Tigervnc Leap
NVD GitHub
CVSS 3.1
7.2
EPSS
4.5%
CVE-2019-18236 HIGH This Week

Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Plc Editor
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2019-7482 CRITICAL Act Now

Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Sonicwall Sma 100 Firmware
NVD
CVSS 3.1
9.8
EPSS
8.8%
CVE-2019-18257 CRITICAL Act Now

In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Diaganywhere
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2019-3951 CRITICAL POC Act Now

Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow RCE Webaccess
NVD
CVSS 3.1
9.8
EPSS
3.6%
CVE-2019-18310 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2019-19334 CRITICAL PATCH Act Now

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Stack Overflow RCE Libyang +2
NVD GitHub
CVSS 3.1
9.8
EPSS
3.9%
CVE-2019-19333 CRITICAL PATCH Act Now

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Stack Overflow RCE Libyang +1
NVD GitHub
CVSS 3.1
9.8
EPSS
3.6%
CVE-2019-14897 CRITICAL PATCH Act Now

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Stack Overflow Buffer Overflow Linux RCE +3
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2019-11931 HIGH This Week

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Stack Overflow Apple Whatsapp +2
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-15683 CRITICAL PATCH Act Now

TurboVNC server code contains stack buffer overflow vulnerability in commit prior to cea98166008301e614e0d36776bf9435a536136e. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Stack Overflow RCE Turbovnc
NVD GitHub
CVSS 3.1
9.8
EPSS
19.4%
CVE-2019-17145 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Phantompdf
NVD
CVSS 3.1
8.8
EPSS
5.5%
CVE-2019-3729 LOW Monitor

RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Bsafe Micro Edition Suite
NVD
CVSS 3.1
2.4
EPSS
0.4%
CVE-2019-13556 HIGH This Week

In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Webaccess
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2019-13548 CRITICAL PATCH Act Now

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Stack Overflow RCE Control For Beaglebone Control For Empc A Imx6 +11
NVD
CVSS 3.1
9.8
EPSS
5.9%
CVE-2019-13540 HIGH This Week

Delta Electronics TPEditor, Versions 1.94 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Tpeditor
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2019-13518 HIGH This Week

An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Ez Touch Editor
NVD
CVSS 3.0
7.8
EPSS
1.4%
CVE-2019-13156 HIGH This Week

NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Cloud Explorer
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2019-5041 HIGH This Week

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Aspose Words
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2019-5038 HIGH POC This Week

An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Openweave Core
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2019-13520 HIGH This Week

Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Alpha5 Smart Loader Firmware
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2019-1185 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Buffer Overflow Stack Overflow Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.1
7.3
EPSS
1.1%
CVE-2019-10974 MEDIUM This Month

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Energyplus
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0053 HIGH POC This Week

Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Juniper Buffer Overflow Stack Overflow Junos Debian Linux
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-10193 HIGH PATCH This Week

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Redis Buffer Overflow Stack Overflow Openstack Enterprise Linux +6
NVD
CVSS 3.1
7.2
EPSS
23.7%
CVE-2019-10164 HIGH This Week

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PostgreSQL Buffer Overflow Stack Overflow RCE Enterprise Linux +2
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2019-10967 HIGH This Week

In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long file name from the LIST. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Ovation Ocr400 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.8%
CVE-2019-10954 HIGH This Week

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Compactlogix 5370 L1 Firmware Compactlogix 5370 L2 Firmware Compactlogix 5370 L3 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
6.1%
CVE-2019-3930 CRITICAL POC Act Now

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Am 100 Firmware Am 101 Firmware +10
NVD
CVSS 3.1
9.8
EPSS
7.0%
CVE-2019-10947 HIGH PATCH This Week

Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow RCE Cncsoft Screeneditor
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2019-0008 CRITICAL Act Now

A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Buffer Overflow Stack Overflow RCE Junos
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2019-6550 CRITICAL Act Now

Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Webaccess
NVD
CVSS 3.1
9.8
EPSS
6.1%
CVE-2019-6553 CRITICAL Act Now

A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Rockwell Rslinx
NVD
CVSS 3.1
9.8
EPSS
50.0%
CVE-2019-8276 HIGH This Week

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Ultravnc Sinumerik Access Mymachine P2P +2
NVD
CVSS 3.1
7.5
EPSS
5.7%
CVE-2019-8269 HIGH This Week

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Ultravnc Sinumerik Access Mymachine P2P +2
NVD
CVSS 3.1
7.5
EPSS
5.7%
CVE-2019-3922 CRITICAL POC Act Now

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE I 240W Q Gpon Ont Firmware
NVD
CVSS 3.1
9.8
EPSS
5.2%
CVE-2019-3921 HIGH POC THREAT This Week

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE I 240W Q Gpon Ont Firmware
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
17.9%
CVE-2019-8263 MEDIUM This Month

UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Ultravnc Sinumerik Access Mymachine P2P +2
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2019-6537 HIGH PATCH This Week

Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when parsing strings within project files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Trend Micro Stack Overflow Levistudiou
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2019-3822 CRITICAL POC PATCH THREAT Act Now

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Libcurl Ubuntu Linux Debian Linux +13
NVD
CVSS 3.1
9.8
EPSS
12.8%
CVE-2018-20247 HIGH This Week

In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Quick Pdf Library
NVD
CVSS 3.1
7.8
EPSS
54.5%
CVE-2018-11463 HIGH This Week

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Sinumerik 808D V4 7 Firmware Sinumerik 808D V4 8 Firmware Sinumerik 828D V4 7 Firmware +2
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-18993 HIGH This Week

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx One Cx Programmer Cx Server
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2018-17930 CRITICAL Act Now

A stack-based buffer overflow vulnerability has been identified in Teledyne DALSA Sherlock Version 7.2.7.4 and prior, which may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Sherlock
NVD
CVSS 3.1
9.8
EPSS
7.3%
CVE-2018-17614 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Losant Arduino MQTT Client prior to V2.7. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Arduino Mqtt Client
NVD GitHub
CVSS 3.0
8.8
EPSS
9.3%
CVE-2018-17916 CRITICAL POC Act Now

InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Indusoft Web Studio Edge Intouch Machine Edition 2014
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2018-17910 HIGH This Week

WebAccess Versions 8.3.2 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Webaccess
NVD
CVSS 3.0
7.8
EPSS
5.2%
CVE-2018-14816 CRITICAL Act Now

Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Webaccess
NVD
CVSS 3.1
9.8
EPSS
4.1%
CVE-2018-14807 CRITICAL Act Now

A stack-based buffer overflow vulnerability in Opto 22 PAC Control Basic and PAC Control Professional versions R10.0a and prior may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Pac Control
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2018-17911 HIGH This Week

LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Laquis Scada
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2018-10839 MEDIUM POC PATCH This Month

Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Qemu Ubuntu Linux Debian Linux
NVD
CVSS 3.0
6.5
EPSS
3.2%
CVE-2018-17929 HIGH This Week

In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Tpeditor
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2018-14818 CRITICAL Act Now

WECON Technology Co., Ltd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Pi Studio Pi Studio Hmi
NVD
CVSS 3.1
9.8
EPSS
3.5%
CVE-2018-14800 HIGH This Week

Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Ispsoft
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-14802 CRITICAL Act Now

Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Frenic Loader 3 3 Firmware
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2018-14823 CRITICAL Act Now

Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow V Server Firmware
NVD
CVSS 3.1
9.8
EPSS
4.0%
CVE-2018-10602 HIGH This Week

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Levistudiou
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2018-14633 HIGH PATCH This Week

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required.

Privilege Escalation Linux Buffer Overflow Stack Overflow Linux Kernel +7
NVD
CVSS 3.1
7.0
EPSS
8.7%
CVE-2018-14318 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung RCE Buffer Overflow Stack Overflow Galaxy S8 Firmware
NVD
CVSS 3.0
8.8
EPSS
2.5%
CVE-2018-14829 CRITICAL POC THREAT Act Now

Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Rockwell RCE Buffer Overflow Stack Overflow Rslinx
NVD
CVSS 3.0
9.8
EPSS
16.1%
CVE-2018-14792 MEDIUM This Month

WECON PLC Editor version 1.3.3U may allow an attacker to execute code under the current process when processing project files. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Plc Editor
NVD
CVSS 3.0
6.3
EPSS
1.3%
CVE-2018-10907 HIGH PATCH This Week

It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Stack Overflow Glusterfs Virtualization Host +3
NVD
CVSS 3.1
8.8
EPSS
3.4%
CVE-2018-14793 HIGH This Week

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open communication port to allow arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Deltav
NVD
CVSS 3.0
8.8
EPSS
1.0%
EPSS 1% CVSS 6.3
MEDIUM This Month

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +2
NVD
EPSS 6% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +1
NVD
EPSS 87% CVSS 8.8
HIGH POC THREAT This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Edr G902 T Firmware +3
NVD
EPSS 2% CVSS 7.8
HIGH This Week

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 15% CVSS 7.8
HIGH This Week

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Stack Overflow +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 9% CVSS 9.8
CRITICAL Act Now

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected:3.16.00 through 3.25.01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Dnp3 Source Code Library
NVD
EPSS 3% CVSS 7.5
HIGH This Week

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Scada Data Gateway
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Hmisoft Vu3 Firmware
NVD
EPSS 2% CVSS 7.2
HIGH This Week

A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Paloalto +1
NVD
EPSS 36% CVSS 8.8
HIGH POC KEV THREAT This Week

Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Stack Overflow +18
NVD Exploit-DB
EPSS 3% CVSS 9.8
CRITICAL Act Now

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 5% CVSS 8.8
HIGH POC PATCH This Week

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Stack Overflow +4
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

In Advantech WebAccess, Versions 8.4.2 and prior. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 11% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Eds G516E Firmware +1
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +55
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cncsoft Screeneditor
NVD
EPSS 1% CVSS 8.0
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Stack Overflow +2
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Stack Overflow Messagepack
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Stack Overflow Uftpd
NVD GitHub
EPSS 4% CVSS 7.2
HIGH POC PATCH This Week

TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow RCE +2
NVD GitHub
EPSS 3% CVSS 7.8
HIGH This Week

Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Plc Editor
NVD
EPSS 9% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +2
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Sppa T3000 Ms3000 Migration Server
NVD
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Stack Overflow +3
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Stack Overflow Buffer Overflow +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Stack Overflow +4
NVD
EPSS 19% CVSS 9.8
CRITICAL PATCH Act Now

TurboVNC server code contains stack buffer overflow vulnerability in commit prior to cea98166008301e614e0d36776bf9435a536136e. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Stack Overflow RCE +1
NVD GitHub
EPSS 5% CVSS 8.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 2.4
LOW Monitor

RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Bsafe Micro Edition Suite
NVD
EPSS 2% CVSS 8.8
HIGH This Week

In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 6% CVSS 9.8
CRITICAL PATCH Act Now

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Stack Overflow RCE +13
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Delta Electronics TPEditor, Versions 1.94 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Ez Touch Editor
NVD
EPSS 1% CVSS 7.5
HIGH This Week

NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Alpha5 Smart Loader Firmware
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Buffer Overflow Stack Overflow Microsoft +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Juniper Buffer Overflow Stack Overflow +2
NVD Exploit-DB
EPSS 24% CVSS 7.2
HIGH PATCH This Week

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Redis Buffer Overflow Stack Overflow +8
NVD
EPSS 4% CVSS 8.8
HIGH This Week

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PostgreSQL Buffer Overflow Stack Overflow +4
NVD
EPSS 4% CVSS 8.8
HIGH This Week

In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long file name from the LIST. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 6% CVSS 7.5
HIGH This Week

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Compactlogix 5370 L1 Firmware +4
NVD
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +12
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 5% CVSS 9.8
CRITICAL Act Now

A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Buffer Overflow Stack Overflow +2
NVD
EPSS 6% CVSS 9.8
CRITICAL Act Now

Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 50% CVSS 9.8
CRITICAL Act Now

A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Rockwell +1
NVD
EPSS 6% CVSS 7.5
HIGH This Week

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD
EPSS 6% CVSS 7.5
HIGH This Week

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 18% CVSS 8.8
HIGH POC THREAT This Week

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD Exploit-DB
EPSS 2% CVSS 6.5
MEDIUM This Month

UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when parsing strings within project files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Trend Micro Stack Overflow +1
NVD
EPSS 13% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Libcurl +15
NVD
EPSS 54% CVSS 7.8
HIGH This Week

In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Quick Pdf Library
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Sinumerik 808D V4 7 Firmware +4
NVD
EPSS 2% CVSS 7.8
HIGH This Week

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx One +2
NVD
EPSS 7% CVSS 9.8
CRITICAL Act Now

A stack-based buffer overflow vulnerability has been identified in Teledyne DALSA Sherlock Version 7.2.7.4 and prior, which may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 9% CVSS 8.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Losant Arduino MQTT Client prior to V2.7. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Indusoft Web Studio +2
NVD
EPSS 5% CVSS 7.8
HIGH This Week

WebAccess Versions 8.3.2 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A stack-based buffer overflow vulnerability in Opto 22 PAC Control Basic and PAC Control Professional versions R10.0a and prior may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 3% CVSS 7.8
HIGH This Week

LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 3% CVSS 6.5
MEDIUM POC PATCH This Month

Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Qemu +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

WECON Technology Co., Ltd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Ispsoft
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 2% CVSS 8.8
HIGH This Week

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Levistudiou
NVD
EPSS 9% CVSS 7.0
HIGH PATCH This Week

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required.

Privilege Escalation Linux Buffer Overflow +9
NVD
EPSS 2% CVSS 8.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung RCE Buffer Overflow +2
NVD
EPSS 16% CVSS 9.8
CRITICAL POC THREAT Act Now

Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Rockwell RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

WECON PLC Editor version 1.3.3U may allow an attacker to execute code under the current process when processing project files. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Plc Editor
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Stack Overflow +5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open communication port to allow arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
Prev Page 24 of 25 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy