Skip to main content

Stack Overflow

2223 CVEs technique

Monthly

CVE-2018-10636 HIGH This Week

CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Cncsoft Screeneditor
NVD
CVSS 3.1
8.8
EPSS
9.5%
CVE-2018-10628 CRITICAL PATCH Act Now

AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow Intouch 2014 Intouch 2017
NVD
CVSS 3.0
9.8
EPSS
5.4%
CVE-2018-10620 CRITICAL POC Act Now

AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Indusoft Web Studio Intouch Machine 2017
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2018-1046 HIGH PATCH This Week

pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow Pdns
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2018-8847 CRITICAL Act Now

Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow 9000X Firmware
NVD
CVSS 3.1
9.8
EPSS
6.8%
CVE-2018-10594 CRITICAL POC THREAT Emergency

Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Stack Overflow Commgr
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
69.0%
CVE-2018-11447 HIGH This Week

A vulnerability has been identified in SCALANCE M875 (All versions). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Siemens CSRF Buffer Overflow Stack Overflow Scalance M875 Firmware
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2018-10621 CRITICAL Act Now

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length stack buffer where a value larger than the buffer can be read from a .dpa file into the buffer,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Delta Industrial Automation Dopsoft
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2018-10601 HIGH This Week

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon. Rated high severity (CVSS 8.2), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow Intellivue Mp2 Firmware Intellivue X2 Firmware Intellivue Mp30 Firmware +15
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2018-1125 HIGH POC This Week

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Red Hat Buffer Overflow Stack Overflow Procps Ng Ubuntu Linux +2
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2018-10494 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-7499 CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Webaccess Webaccess Dashboard +2
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2018-7494 HIGH This Week

WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length stack buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Wplsoft
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-8865 CRITICAL Act Now

In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow vulnerability has been identified which may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Ids 2102 Firmware
NVD
CVSS 3.1
9.8
EPSS
5.8%
CVE-2018-8839 HIGH This Week

Delta PMSoft versions 2.10 and prior have multiple stack-based buffer overflow vulnerabilities where a .ppm file can introduce a value larger than is readable by PMSoft's fixed-length stack buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Pmsoft
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2018-7527 MEDIUM This Month

A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Levistudio Hmi Editor Levistudiou Pi Studio Hmi Project Programmer
NVD
CVSS 3.0
5.3
EPSS
0.7%
CVE-2018-8840 CRITICAL Act Now

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Web Studio Intouch Machine Edition 2017
NVD
CVSS 3.0
9.8
EPSS
8.4%
CVE-2018-7514 HIGH This Week

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx Flnet Cx One Cx Programmer +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2018-7513 MEDIUM This Month

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx Supervisor
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2018-5476 HIGH This Week

A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Delta Industrial Automation Dopsoft
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2018-1071 MEDIUM This Month

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Zsh Debian Linux +4
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2018-5452 HIGH This Week

A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Controlwave Micro Firmware
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2018-5475 CRITICAL PATCH Act Now

A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow D60 Line Distance Relay Firmware
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2018-5440 CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Buffer Overflow Stack Overflow Codesys Runtime System +1
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2018-1161 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Netvault Backup
NVD
CVSS 3.0
9.8
EPSS
67.2%
CVE-2018-5442 CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in Fuji Electric V-Server VPR 4.0.1.0 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow V Server Vpr Firmware
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2017-3195 CRITICAL POC PATCH THREAT Act Now

Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 46.2%.

Buffer Overflow RCE Stack Overflow Edge
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
46.2%
Threat
4.8
CVE-2017-3193 HIGH PATCH This Week

Multiple D-Link devices including the DIR-850L firmware versions 1.14B07 and 2.07.B05 contain a stack-based buffer overflow vulnerability in the web administration interface HNAP service. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow D-Link Stack Overflow Dir 850L Firmware
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2017-15088 CRITICAL PATCH Act Now

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow RCE Stack Overflow Red Hat +1
NVD GitHub
CVSS 3.1
9.8
EPSS
3.7%
CVE-2017-14016 MEDIUM POC THREAT This Month

A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.2%.

Buffer Overflow RCE Stack Overflow Webaccess
NVD Exploit-DB
CVSS 3.0
6.3
EPSS
19.2%
CVE-2017-13089 HIGH PATCH Act Now

The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 75.8%.

Buffer Overflow Stack Overflow Wget Debian Linux
NVD GitHub
CVSS 3.0
8.8
EPSS
75.8%
Threat
4.0
CVE-2017-13999 CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Levi Studio Hmi Editor
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2017-12188 HIGH PATCH This Week

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest. Rated high severity (CVSS 7.8).

Denial Of Service Linux Buffer Overflow RCE Stack Overflow +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2017-12732 MEDIUM This Month

A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. Rated medium severity (CVSS 6.8). No vendor patch available.

Buffer Overflow RCE Stack Overflow Intelligent Platforms Proficy Hmi Scada Cimplicity
NVD
CVSS 3.0
6.8
EPSS
0.2%
CVE-2017-12706 CRITICAL Act Now

A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Webaccess
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2017-12707 CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Scada Microbrowser
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-9647 MEDIUM This Month

A Stack-Based Buffer Overflow issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow S Gold 2 Pmb 8876
NVD
CVSS 3.0
6.6
EPSS
0.1%
CVE-2017-7936 MEDIUM This Month

A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX. Rated medium severity (CVSS 6.3). No vendor patch available.

Buffer Overflow Stack Overflow Vybrid Mvf30Nn151Cku26 Firmware Vybrid Mvf30Ns151Cku26 Firmware Vybrid Mvf50Nn151Cmk40 Firmware +24
NVD
CVSS 3.0
6.3
EPSS
0.2%
CVE-2017-9629 CRITICAL Act Now

A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 19.7% and no vendor patch available.

Buffer Overflow RCE Schneider Electric Stack Overflow Wonderware Archestra Logger
NVD
CVSS 3.1
9.8
EPSS
19.7%
CVE-2017-7910 HIGH This Week

A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Wind Analysis
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-6025 CRITICAL Act Now

A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Web Server
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-5177 HIGH POC THREAT Act Now

A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 45.1%.

Buffer Overflow RCE Stack Overflow Winplc7 Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
45.1%
Threat
4.4
CVE-2017-6035 HIGH This Week

A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Stack Overflow Levi Studio Hmi Editor
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-6023 CRITICAL Act Now

An issue was discovered in Fatek Automation PLC Ethernet Module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Ethernet Module Configuration Tool Cbe Firmware Ethernet Module Configuration Tool Cbeh Firmware +2
NVD
CVSS 3.1
9.8
EPSS
4.0%
CVE-2014-9200 HIGH This Week

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow RCE Somachine +3
NVD
CVSS 2.0
7.5
EPSS
2.2%
CVE-2014-9190 CRITICAL Act Now

Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow RCE Wonderware Intouch Access Anywhere Server
NVD
CVSS 2.0
10.0
EPSS
6.4%
CVE-2014-9163 HIGH KEV THREAT Act Now

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Buffer Overflow Stack Overflow RCE Adobe Microsoft
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
3.6%
CVE-2014-5407 MEDIUM This Month

Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2). Rated medium severity (CVSS 4.1). No vendor patch available.

Denial Of Service Schneider Electric Stack Overflow Buffer Overflow Vampset
NVD GitHub
CVSS 2.0
4.1
EPSS
0.1%
CVE-2014-2364 HIGH POC THREAT Act Now

Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 40.2%.

RCE Stack Overflow Buffer Overflow Advantech Webaccess
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
40.2%
Threat
4.2
CVE-2014-0782 HIGH POC THREAT Act Now

Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 39.8%.

RCE Stack Overflow Buffer Overflow B M9000Cs Software B M9000Cs +13
NVD Exploit-DB
CVSS 2.0
8.3
EPSS
39.8%
Threat
4.4
CVE-2014-0787 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 50.9%.

RCE Stack Overflow Buffer Overflow Kingscada
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
50.9%
Threat
5.0
CVE-2014-0770 HIGH This Week

By providing an overly long string to the UserName parameter, an attacker may be able to overflow the static stack buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Advantech Webaccess
NVD VulDB
CVSS 2.0
7.5
EPSS
1.1%
CVE-2014-0768 HIGH This Week

An attacker may pass an overly long value from the AccessCode2 argument to the control to overflow the static stack buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Stack Overflow Buffer Overflow Advantech Webaccess
NVD VulDB
CVSS 2.0
7.5
EPSS
1.2%
CVE-2014-0767 HIGH This Week

An attacker may exploit this vulnerability by passing an overly long value from the AccessCode argument to the control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Advantech Webaccess
NVD VulDB
CVSS 2.0
7.5
EPSS
1.2%
CVE-2014-0766 HIGH This Week

An attacker can exploit this vulnerability by copying an overly long NodeName2 argument into a statically sized buffer on the stack to overflow the static stack buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Stack Overflow Buffer Overflow Advantech Webaccess
NVD VulDB
CVSS 2.0
7.5
EPSS
1.2%
CVE-2014-0765 HIGH This Week

To exploit this vulnerability, the attacker sends data from the GotoCmd argument to control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Stack Overflow Buffer Overflow Advantech Webaccess
NVD VulDB
CVSS 2.0
7.5
EPSS
1.2%
CVE-2014-0764 HIGH This Week

By providing an overly long string to the NodeName parameter, an attacker may be able to overflow the static stack buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Advantech Webaccess
NVD VulDB
CVSS 2.0
7.5
EPSS
1.2%
CVE-2014-0784 HIGH POC Act Now

Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Stack Overflow Buffer Overflow Centum Cs 3000
NVD Exploit-DB
CVSS 2.0
8.3
EPSS
2.5%
CVE-2014-0783 CRITICAL POC Emergency

Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Stack Overflow Buffer Overflow Centum Cs 3000
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
5.3%
CVE-2014-0774 MEDIUM This Month

Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Schneider Electric Ofs Test Client Tlxcdlfofs33 Ofs Test Client Tlxcdltofs33 +4
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-0753 HIGH PATCH This Week

Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Stack Overflow Buffer Overflow Denial Of Service Integraxor
NVD
CVSS 2.0
7.8
EPSS
3.1%
CVE-2024-45158 CRITICAL Act Now

Alpine Linux: mbedtls fixed in 3.6.1-r0

Buffer Overflow Stack Overflow
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2026-48715 HIGH PATCH This Week

radvd (Router Advertisement Daemon) on Alpine Linux was patched in package version 2.21-r0 to address an unspecified vulnerability tracked as CVE-2026-48715. The nature of the flaw - its root cause, exploitability, and potential impact - is not disclosed in the available intelligence. radvd handles IPv6 router advertisements and neighbor discovery, meaning vulnerabilities in this component can affect IPv6 network routing, neighbor discovery, or host configuration. No active exploitation, CVSS score, or proof-of-concept code has been identified at time of analysis.

Buffer Overflow Stack Overflow Radvd
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.2%
EPSS 10% CVSS 8.8
HIGH This Week

CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Indusoft Web Studio +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 7% CVSS 9.8
CRITICAL Act Now

Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 69% CVSS 9.8
CRITICAL POC THREAT Emergency

Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD Exploit-DB
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability has been identified in SCALANCE M875 (All versions). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Siemens CSRF Buffer Overflow +2
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length stack buffer where a value larger than the buffer can be read from a .dpa file into the buffer,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 8.2
HIGH This Week

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon. Rated high severity (CVSS 8.2), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow Intellivue Mp2 Firmware +17
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Red Hat Buffer Overflow Stack Overflow +4
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +4
NVD
EPSS 3% CVSS 8.8
HIGH This Week

WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length stack buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 6% CVSS 9.8
CRITICAL Act Now

In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow vulnerability has been identified which may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Delta PMSoft versions 2.10 and prior have multiple stack-based buffer overflow vulnerabilities where a .ppm file can introduce a value larger than is readable by PMSoft's fixed-length stack buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Levistudio Hmi Editor +2
NVD
EPSS 8% CVSS 9.8
CRITICAL Act Now

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx Flnet +6
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx Supervisor
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +6
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Controlwave Micro Firmware
NVD
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Buffer Overflow +3
NVD
EPSS 67% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in Fuji Electric V-Server VPR 4.0.1.0 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 46% 4.8 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 46.2%.

Buffer Overflow RCE Stack Overflow +1
NVD Exploit-DB
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Multiple D-Link devices including the DIR-850L firmware versions 1.14B07 and 2.07.B05 contain a stack-based buffer overflow vulnerability in the web administration interface HNAP service. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow D-Link Stack Overflow +1
NVD
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow RCE +3
NVD GitHub
EPSS 19% CVSS 6.3
MEDIUM POC THREAT This Month

A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.2%.

Buffer Overflow RCE Stack Overflow +1
NVD Exploit-DB
EPSS 76% 4.0 CVSS 8.8
HIGH PATCH Act Now

The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 75.8%.

Buffer Overflow Stack Overflow Wget +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest. Rated high severity (CVSS 7.8).

Denial Of Service Linux Buffer Overflow +3
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. Rated medium severity (CVSS 6.8). No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Scada Microbrowser
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

A Stack-Based Buffer Overflow issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX. Rated medium severity (CVSS 6.3). No vendor patch available.

Buffer Overflow Stack Overflow Vybrid Mvf30Nn151Cku26 Firmware +26
NVD
EPSS 20% CVSS 9.8
CRITICAL Act Now

A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 19.7% and no vendor patch available.

Buffer Overflow RCE Schneider Electric +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 45% 4.4 CVSS 7.5
HIGH POC THREAT Act Now

A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 45.1%.

Buffer Overflow RCE Stack Overflow +1
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH This Week

A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Stack Overflow +1
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Fatek Automation PLC Ethernet Module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +4
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow +5
NVD
EPSS 6% CVSS 10.0
CRITICAL Act Now

Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Stack Overflow Buffer Overflow +2
NVD
EPSS 4% CVSS 7.8
HIGH KEV THREAT Act Now

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Buffer Overflow Stack Overflow RCE +2
NVD GitHub VulDB
EPSS 0% CVSS 4.1
MEDIUM This Month

Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2). Rated medium severity (CVSS 4.1). No vendor patch available.

Denial Of Service Schneider Electric Stack Overflow +2
NVD GitHub
EPSS 40% 4.2 CVSS 7.5
HIGH POC THREAT Act Now

Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 40.2%.

RCE Stack Overflow Buffer Overflow +1
NVD Exploit-DB
EPSS 40% 4.4 CVSS 8.3
HIGH POC THREAT Act Now

Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 39.8%.

RCE Stack Overflow Buffer Overflow +15
NVD Exploit-DB
EPSS 51% 5.0 CVSS 10.0
CRITICAL POC THREAT Emergency

Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 50.9%.

RCE Stack Overflow Buffer Overflow +1
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH This Week

By providing an overly long string to the UserName parameter, an attacker may be able to overflow the static stack buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Advantech Webaccess
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

An attacker may pass an overly long value from the AccessCode2 argument to the control to overflow the static stack buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Stack Overflow Buffer Overflow +1
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

An attacker may exploit this vulnerability by passing an overly long value from the AccessCode argument to the control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Advantech Webaccess
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

An attacker can exploit this vulnerability by copying an overly long NodeName2 argument into a statically sized buffer on the stack to overflow the static stack buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Stack Overflow Buffer Overflow +1
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

To exploit this vulnerability, the attacker sends data from the GotoCmd argument to control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Stack Overflow Buffer Overflow +1
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

By providing an overly long string to the NodeName parameter, an attacker may be able to overflow the static stack buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Advantech Webaccess
NVD VulDB
EPSS 2% CVSS 8.3
HIGH POC Act Now

Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Stack Overflow Buffer Overflow +1
NVD Exploit-DB
EPSS 5% CVSS 9.0
CRITICAL POC Emergency

Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Stack Overflow Buffer Overflow +1
NVD Exploit-DB
EPSS 0% CVSS 6.8
MEDIUM This Month

Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Schneider Electric +6
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Stack Overflow Buffer Overflow Denial Of Service +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Alpine Linux: mbedtls fixed in 3.6.1-r0

Buffer Overflow Stack Overflow
NVD GitHub VulDB
EPSS 0% CVSS 7.7
HIGH PATCH This Week

radvd (Router Advertisement Daemon) on Alpine Linux was patched in package version 2.21-r0 to address an unspecified vulnerability tracked as CVE-2026-48715. The nature of the flaw - its root cause, exploitability, and potential impact - is not disclosed in the available intelligence. radvd handles IPv6 router advertisements and neighbor discovery, meaning vulnerabilities in this component can affect IPv6 network routing, neighbor discovery, or host configuration. No active exploitation, CVSS score, or proof-of-concept code has been identified at time of analysis.

Buffer Overflow Stack Overflow Radvd
NVD GitHub VulDB
Prev Page 25 of 25

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy