Stack Overflow
Monthly
Remote code execution in Tenda AC15 firmware versions up to 15.13.07.13 via a stack-based buffer overflow in the /goform/TextEditingConversion endpoint allows unauthenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating immediate risk for deployed devices. An attacker can exploit this remotely with minimal complexity by manipulating the wpapsk_crypto2_4g parameter.
Stack-based buffer overflow in ThinkWise by SimTech Systems allows unauthenticated remote code execution via crafted network input.
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpers copy network-supplied payload data into fixed-size stack buffers using memcpy() with a length derived from payload_size. The only length checks are guarded by assert(); in release builds, the asserts are compiled out and memcpy() may copy an unbounded payload_size. Payloads larger than 12 bytes...
Stack overflow denial of service in fast-xml-parser versions prior to 5.3.8 occurs when the XML builder is used with the preserveOrder option enabled, causing the application to crash. An attacker can trigger this vulnerability remotely by sending specially crafted XML input, resulting in service unavailability for applications using the affected library. A patch is available in version 5.3.8 and later.
Stack-based buffer overflow in CodeAstro Food Ordering System 1.0 allows local attackers with user privileges to corrupt memory and potentially execute arbitrary code, with public exploit code currently available. The vulnerability affects food_ordering.exe through an undocumented function and requires local access to exploit. No patch is currently available for affected systems.
SonicOS management interface suffers from stack-based buffer overflow flaws in an API endpoint that allow authenticated administrators to trigger denial of service conditions through improper input validation. The vulnerability affects Stack Overflow and Sonicos products but currently lacks an available patch, leaving deployed systems exposed to authenticated attack vectors with no mitigation path.
Medium severity vulnerability in ImageMagick. # Magick fails to check for circular references between two MSLs, leading to a stack overflow.
Stack-based buffer overflow in ImageMagick versions before 7.1.2-15 allows remote attackers to crash the application and potentially corrupt memory by submitting specially crafted FTXT image files. The vulnerability requires high complexity to exploit but impacts both confidentiality and availability of affected systems. No patch is currently available for this HIGH severity issue (CVSS 7.4).
Remote code execution in Tenda AC8 firmware versions up to 16.03.34.06 allows authenticated attackers to execute arbitrary code via a stack-based buffer overflow in the HTTP upload handler. Public exploit code exists for this vulnerability, which has no patch available. An attacker with valid credentials can trigger the overflow by manipulating the boundary parameter in multipart upload requests.
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. [CVSS 7.3 HIGH]
Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client_prio function, which is reachable via the formSetClientPrio CGI handler. [CVSS 7.5 HIGH]
Stack-based buffer overflow in D-Link DWR-M960 1.01.07 firmware's scheduled reboot configuration endpoint allows authenticated remote attackers to achieve full system compromise through the submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw requires valid credentials but has a high attack surface due to network accessibility and the severity of potential impacts including code execution and data exfiltration.
Remote code execution in D-Link DWR-M960 firmware through a stack buffer overflow in the VPN configuration endpoint allows authenticated attackers to execute arbitrary code by manipulating the submit-url parameter. The vulnerability affects firmware version 1.01.07 and public exploit code exists, though no patch is currently available.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to execute arbitrary code by manipulating the submit-url parameter in the /boafrm/formDhcpv6s function. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Stack-based buffer overflow in D-Link DWR-M960 firmware (version 1.01.07) allows authenticated attackers to achieve remote code execution via a malicious URL parameter in the /boafrm/formNewSchedule function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction, posing a significant risk to affected devices.
Remote code execution in D-Link DWR-M960 firmware 1.01.07 via stack-based buffer overflow in the /boafrm/formWsc endpoint allows authenticated attackers to achieve full system compromise through manipulation of the save_apply parameter. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Stack buffer overflow in Tenda A18 15.13.07.13 firmware allows authenticated remote attackers to execute arbitrary code through malformed boundary parameters in the /cgi-bin/UploadCfg HTTP endpoint. The vulnerability affects the webCgiGetUploadFile function within the Httpd service and has public exploit code available. Affected users should apply patches when available, as the vulnerability requires valid credentials but no user interaction.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to achieve arbitrary code execution by manipulating the submit-url parameter in the wireless access control endpoint. Public exploit code exists for this vulnerability, and no patch is currently available.
Stack-based buffer overflow in D-Link DWR-M960 firmware (version 1.01.07) WLAN encryption configuration endpoint allows authenticated remote attackers to execute arbitrary code with high integrity and confidentiality impact. The vulnerability exists in the submit-url parameter handling within the /boafrm/formWlEncrypt component and has public exploit code available. No patch is currently available for this vulnerability.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to achieve code execution by manipulating the submit-url parameter in the Operation Mode Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can leverage this flaw to fully compromise affected devices.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to execute arbitrary code by manipulating the submit-url parameter in the LTE Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can leverage this flaw to achieve complete system compromise including confidentiality, integrity, and availability breaches.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to achieve complete system compromise through manipulation of the submit-url parameter in the Bridge VLAN Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges.
Stack-based buffer overflow in Tenda HG9 firmware's pingAddr parameter allows unauthenticated remote attackers to achieve code execution through the /boaform/formPing6 endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw carries high severity with complete compromise potential across confidentiality, integrity, and availability.
Stack-based buffer overflow in the Diagnostic Ping Endpoint of Tenda HG9 firmware allows unauthenticated remote attackers to achieve code execution by supplying a malicious pingAddr parameter. The vulnerability exists in the /boaform/formPing component and is exploitable over the network with low complexity. Public exploit code exists and no patch is currently available.
Stack-based buffer overflow in Tenda HG9 firmware's loopback detection endpoint allows remote attackers with valid credentials to achieve complete system compromise through manipulation of the Ethtype parameter. Public exploit code exists for this vulnerability, creating immediate risk in deployed environments. No patch is currently available.
Remote code execution in Tenda HG9 firmware via stack buffer overflow in the GPON configuration endpoint allows authenticated attackers to achieve full system compromise through manipulation of LOID parameters. Public exploit code exists for this vulnerability, increasing the risk of active exploitation in deployed devices. No patch is currently available, making network segmentation and access controls critical for mitigation.
Remote code execution in Tenda HG9 firmware via stack buffer overflow in the Samba configuration endpoint allows authenticated attackers to achieve complete system compromise through manipulation of the sambaCap parameter. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available.
Stack buffer overflow in Tenda HG9 firmware's wireless configuration endpoint allows authenticated remote attackers to achieve arbitrary code execution through a malicious SSID parameter. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. The vulnerability affects the /boaform/formWlanSetup component and currently has no available patch.
Stack Overflow and Tenda A21 1.0.0.0 are vulnerable to remote code execution through a stack-based buffer overflow in the device name configuration function, exploitable by authenticated attackers without user interaction. Public exploit code exists for this vulnerability, enabling attackers to achieve complete compromise of affected systems. No patch is currently available.
Stack-based buffer overflow in D-Link DWR-M960 1.01.07 firmware allows remote authenticated attackers to achieve complete system compromise through crafted input to the IPv6 setup function. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can execute arbitrary code with full system privileges.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to achieve arbitrary code execution through a malformed submit-url parameter in the WAN interface configuration handler. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can leverage this to gain complete system compromise.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows remote attackers with low privileges to achieve complete system compromise through manipulation of the submit-url parameter in the /boafrm/formIpQoS function. Public exploit code exists for this vulnerability and no patch is currently available, creating immediate risk for affected deployments.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to achieve arbitrary code execution by manipulating the submit-url parameter in the /boafrm/formDosCfg function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires low complexity with no user interaction, affecting device confidentiality, integrity, and availability.
Remote code execution in D-Link DWR-M960 firmware through stack-based buffer overflow in the Advanced Firewall Configuration endpoint allows authenticated attackers to achieve complete system compromise. The vulnerability exists in the /boafrm/formFirewallAdv component where improper input validation on the submit-url parameter enables stack overflow attacks. Public exploit code is available and no patch has been released.
Stack-based buffer overflow in Tenda A18 firmware versions up to 15.13.07.13 allows remote attackers with low privileges to achieve code execution through the wpapsk_crypto5g parameter in the /goform/WifiExtraSet endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score (8.8) reflects the combination of remote exploitability and complete system compromise potential.
Stack overflow in Tenda A18 firmware version 15.13.07.13 allows remote attackers with low privileges to achieve complete system compromise through a malformed deviceList parameter in the /goform/setBlackRule endpoint. Public exploit code is available and the vulnerability remains unpatched, creating significant risk for affected devices.
Remote code execution in Tenda A21 1.0.0.0 firmware via stack-based buffer overflow in the WiFi settings endpoint allows authenticated attackers to execute arbitrary code with full system privileges. The vulnerability exists in the fast_setting_wifi_set function where unsanitized SSID parameter input can overflow the stack, and public exploit code is currently available. No patch has been released for this high-severity vulnerability affecting both the A21 firmware and Stack Overflow products.
Stack-based buffer overflow in Tenda A21 firmware allows remote attackers with valid credentials to achieve complete system compromise through malicious input to the schedStartTime/schedEndTime parameters in the openSchedWifi function. Public exploit code exists for this vulnerability, and no patch is currently available. This affects confidentiality, integrity, and availability with high severity (CVSS 8.8).
Stack-based buffer overflow in Tenda A21 1.0.0.0 MAC filtering configuration allows remote authenticated attackers to achieve full system compromise through malicious devName/mac parameters. Public exploit code exists for this vulnerability, which remains unpatched. The flaw affects the set_device_name function in the /goform/setBlackRule endpoint with high exploitability due to network accessibility and low attack complexity.
Remote code execution in Tenda A21 1.0.0.0 firmware results from a stack buffer overflow in the SetIpMacBind function accessible via the /goform/SetIpMacBind endpoint, allowing unauthenticated remote attackers to execute arbitrary code with high integrity and availability impact. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for affected devices.
Remote code execution in Tenda A21 firmware through a stack buffer overflow in the QoS bandwidth configuration endpoint allows unauthenticated attackers to execute arbitrary code with full system privileges. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the set_qosMib_list function when processing unsanitized input, enabling network-based attacks from authenticated users or potentially lower-privileged roles.
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. [CVSS 7.8 HIGH]
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to achieve complete system compromise through the Port Forwarding Configuration endpoint. The vulnerability exists in the submit-url parameter processing and has public exploit code available. Affected devices are remotely exploitable by authenticated users with no user interaction required.
Stack-based buffer overflow in D-Link DWR-M960 firmware 1.01.07 Filter Configuration endpoint allows authenticated remote attackers to achieve full system compromise through a malicious submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but executes with no user interaction needed.
Stack-based buffer overflow in D-Link DWR-M960 firmware's DDNS settings handler allows authenticated remote attackers to achieve complete system compromise through a malicious submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects firmware version 1.01.07 and can be exploited without user interaction.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 NTP configuration endpoint allows remote authenticated attackers to achieve complete system compromise through manipulation of the submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw carries a high severity rating with CVSS score of 8.8 due to potential for remote code execution with minimal attack complexity.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to achieve full system compromise through manipulation of the submit-url parameter in the System Log Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can trigger this flaw to execute arbitrary code with complete control over confidentiality, integrity, and availability.
NanaZip versions 5.0.1252.0 through 6.0.1629.0 are vulnerable to denial of service through malformed ROMFS archives that trigger infinite loops via circular offset chains or stack overflow via deeply nested directory structures. Public exploit code exists for this vulnerability, allowing local attackers to crash the application and cause a denial of service. No patch is currently available.
Buffer overflow in WMV to AVI MPEG DVD Convertor 4.6.1217 allows code execution via crafted media files. PoC available.
Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. [CVSS 9.8 CRITICAL]
Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). [CVSS 8.4 HIGH]
A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wren_compiler.c of the component Error Message Handler. [CVSS 3.3 LOW]
Unauthenticated stack-based buffer overflow in /cgi-bin/api.values.get HTTP API endpoint. EPSS 41.1% indicates very high exploitation probability. Patch available.
Stack-based buffer overflow in TOTOLIK A3002RU firmware versions up to V3.0.0-B20220304.1804 allows authenticated attackers to achieve remote code execution through a malicious static_ipv6 parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score of 8.8 reflects the complete compromise of system confidentiality, integrity, and availability for affected devices.
Stack overflow vulnerabilities in TOTOLIK A3002RU V2.1.1 router firmware allow authenticated attackers to achieve remote code execution through malformed vpnUser or vpnPassword parameters. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at risk of complete compromise.
Remote code execution in Wavlink WL-NU516U1 firmware through a stack-based buffer overflow in the nas.cgi User1Passwd parameter allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Stack buffer overflow in Wavlink WL-NU516U1 firmware up to version 130/260 allows authenticated remote attackers to achieve code execution via a malformed firmware_url parameter to /cgi-bin/adm.cgi. Public exploit code exists for this vulnerability and the vendor has not provided a patch despite early notification. The high CVSS score (7.2) reflects the severity of unauthenticated remote code execution risk, though exploitation currently requires high-level privileges.
Stack overflow in Wavlink WL-NU516U1 firmware's /cgi-bin/adm.cgi allows remote attackers with high privileges to achieve code execution via a malicious time_zone parameter. Public exploit code exists for this vulnerability, though exploitation requires high complexity and the vendor has not released a patch.
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
A Stack Overflow vulnerability was discovered in the TON Virtual Machine (TVM) before v2024.10. The vulnerability stems from the improper handling of vmstate and continuation jump instructions, which allow for continuous dynamic tail calls. [CVSS 7.5 HIGH]
The BACnet Protocol Stack library versions 1.4.2 and earlier contain an off-by-one buffer overflow in the ubasic interpreter's string tokenizer that crashes the application when processing oversized string literals. Public exploit code exists for this vulnerability, which affects any system running vulnerable versions of the BACnet Stack or Stack Overflow products. An attacker with local access and user interaction can trigger a denial of service condition through a specially crafted input string.
Product Key Explorer 4.2.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by overflowing the registration name input field. [CVSS 6.2 MEDIUM]
FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting the EIP register through a custom command input. [CVSS 8.4 HIGH]
Stack overflow in FTP Navigator 8.03 via SEH overwrite. PoC available.
Stack overflow in Domain Quester Pro 6.02 via SEH overwrite. PoC available.
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. [CVSS 8.8 HIGH]
A stack overflow in the ZBarcode_Encode function of Monkeybread Software MBS DynaPDF Plugin v21.3.1.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 7.5 HIGH]
Stack overflow in Allok Video Converter 4.6.1217 License Name input. PoC available.
Stack overflow in Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 via SEH chain. PoC available.
Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. [CVSS 7.5 HIGH]
Stack overflow in Torrent FLV Converter 1.51 Build 117 via SEH overwrite. PoC available.
Stack overflow in Torrent 3GP Converter 1.51 via SEH overwrite. PoC available.
Stack buffer overflow in Tenda AC9 firmware versions up to 15.03.06.42_multi allows remote attackers to achieve code execution by manipulating scheduled reboot parameters without authentication. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high privileges but succeeds over the network with minimal complexity.
Stack overflow in Tenda AC9 firmware versions up to 15.03.06.42_multi allows remote attackers with high privileges to achieve complete system compromise through manipulation of the security.ddos.map parameter. Public exploit code exists for this vulnerability, increasing exploitation risk. No patch is currently available.
Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows remote attackers with low privileges to achieve complete system compromise through manipulation of QoS parameters. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the set_qosMib_list function in the /goform/formSetQosBand endpoint, enabling unauthorized code execution and data theft.
Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows authenticated remote attackers to achieve full system compromise through improper argument handling in the SetIpMacBind function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations should implement network segmentation and access controls to restrict administrative functionality until remediation is possible.
Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 MAC filtering endpoint allows authenticated remote attackers to achieve code execution through crafted device name or MAC address parameters. Public exploit code exists for this vulnerability and no patch is currently available. The flaw affects the /goform/setBlackRule component with high impact on confidentiality, integrity, and availability.
Remote code execution in Tenda RX3 firmware versions up to 16.03.13.11 via stack-based buffer overflow in the /goform/openSchedWifi endpoint allows unauthenticated attackers to execute arbitrary code by manipulating the schedStartTime and schedEndTime parameters. Public exploit code exists and no patch is currently available. This vulnerability affects network devices and poses an immediate risk to deployed systems.
Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows unauthenticated remote attackers to achieve code execution by sending a malicious SSID value to the /goform/fast_setting_wifi_set endpoint. Public exploit code exists for this vulnerability and no patch is currently available. An attacker can exploit this to gain complete system compromise with high integrity and availability impact.
Wedding Slideshow Studio 1.36 has a second buffer overflow in the registration key input enabling code execution.
A flaw has been found in ggml-org llama.cpp versions up to 55 is affected by buffer overflow (CVSS 3.3).
IP-COM W30AP wireless access point up to firmware 1.0.0.11 has a buffer overflow that allows remote attackers to execute code or crash the device.
Stack-based buffer overflow in libfastcommon's base64_decode function allows local attackers with user-level privileges to corrupt memory and potentially execute arbitrary code. Public exploit code exists for this vulnerability affecting libfastcommon versions up to 1.0.84. A patch is available and should be applied immediately to mitigate the risk.
Buffer overflow in 10-Strike Network Inventory Explorer 9.03 file import functionality allows attackers to execute arbitrary code via crafted import files. PoC available.
Stack overflow in Free Desktop Clock 3.0 triggered by crafted Time Zones display name input allows attackers to execute arbitrary code. PoC available.
Autodesk 3ds Max is vulnerable to arbitrary code execution when processing maliciously crafted GIF files due to a stack-based buffer overflow (CVE-2026-0536, CVSS 7.8). Local attackers can exploit this vulnerability by tricking users into opening a malicious GIF file to execute code with the privileges of the 3ds Max process. No patch is currently available.
Arbitrary code execution in Autodesk 3ds Max via malicious GIF file parsing exploits a stack-based buffer overflow vulnerability, allowing local attackers to execute code with the privileges of the application. The vulnerability requires user interaction to open a crafted GIF file and currently has no available patch. This affects 3ds Max users who may unknowingly process untrusted image files.
GoldWave 5.70 audio editor has a buffer overflow enabling code execution through crafted audio files.
Remote code execution in Tenda AC15 firmware versions up to 15.13.07.13 via a stack-based buffer overflow in the /goform/TextEditingConversion endpoint allows unauthenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating immediate risk for deployed devices. An attacker can exploit this remotely with minimal complexity by manipulating the wpapsk_crypto2_4g parameter.
Stack-based buffer overflow in ThinkWise by SimTech Systems allows unauthenticated remote code execution via crafted network input.
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpers copy network-supplied payload data into fixed-size stack buffers using memcpy() with a length derived from payload_size. The only length checks are guarded by assert(); in release builds, the asserts are compiled out and memcpy() may copy an unbounded payload_size. Payloads larger than 12 bytes...
Stack overflow denial of service in fast-xml-parser versions prior to 5.3.8 occurs when the XML builder is used with the preserveOrder option enabled, causing the application to crash. An attacker can trigger this vulnerability remotely by sending specially crafted XML input, resulting in service unavailability for applications using the affected library. A patch is available in version 5.3.8 and later.
Stack-based buffer overflow in CodeAstro Food Ordering System 1.0 allows local attackers with user privileges to corrupt memory and potentially execute arbitrary code, with public exploit code currently available. The vulnerability affects food_ordering.exe through an undocumented function and requires local access to exploit. No patch is currently available for affected systems.
SonicOS management interface suffers from stack-based buffer overflow flaws in an API endpoint that allow authenticated administrators to trigger denial of service conditions through improper input validation. The vulnerability affects Stack Overflow and Sonicos products but currently lacks an available patch, leaving deployed systems exposed to authenticated attack vectors with no mitigation path.
Medium severity vulnerability in ImageMagick. # Magick fails to check for circular references between two MSLs, leading to a stack overflow.
Stack-based buffer overflow in ImageMagick versions before 7.1.2-15 allows remote attackers to crash the application and potentially corrupt memory by submitting specially crafted FTXT image files. The vulnerability requires high complexity to exploit but impacts both confidentiality and availability of affected systems. No patch is currently available for this HIGH severity issue (CVSS 7.4).
Remote code execution in Tenda AC8 firmware versions up to 16.03.34.06 allows authenticated attackers to execute arbitrary code via a stack-based buffer overflow in the HTTP upload handler. Public exploit code exists for this vulnerability, which has no patch available. An attacker with valid credentials can trigger the overflow by manipulating the boundary parameter in multipart upload requests.
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. [CVSS 7.3 HIGH]
Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client_prio function, which is reachable via the formSetClientPrio CGI handler. [CVSS 7.5 HIGH]
Stack-based buffer overflow in D-Link DWR-M960 1.01.07 firmware's scheduled reboot configuration endpoint allows authenticated remote attackers to achieve full system compromise through the submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw requires valid credentials but has a high attack surface due to network accessibility and the severity of potential impacts including code execution and data exfiltration.
Remote code execution in D-Link DWR-M960 firmware through a stack buffer overflow in the VPN configuration endpoint allows authenticated attackers to execute arbitrary code by manipulating the submit-url parameter. The vulnerability affects firmware version 1.01.07 and public exploit code exists, though no patch is currently available.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to execute arbitrary code by manipulating the submit-url parameter in the /boafrm/formDhcpv6s function. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Stack-based buffer overflow in D-Link DWR-M960 firmware (version 1.01.07) allows authenticated attackers to achieve remote code execution via a malicious URL parameter in the /boafrm/formNewSchedule function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction, posing a significant risk to affected devices.
Remote code execution in D-Link DWR-M960 firmware 1.01.07 via stack-based buffer overflow in the /boafrm/formWsc endpoint allows authenticated attackers to achieve full system compromise through manipulation of the save_apply parameter. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Stack buffer overflow in Tenda A18 15.13.07.13 firmware allows authenticated remote attackers to execute arbitrary code through malformed boundary parameters in the /cgi-bin/UploadCfg HTTP endpoint. The vulnerability affects the webCgiGetUploadFile function within the Httpd service and has public exploit code available. Affected users should apply patches when available, as the vulnerability requires valid credentials but no user interaction.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to achieve arbitrary code execution by manipulating the submit-url parameter in the wireless access control endpoint. Public exploit code exists for this vulnerability, and no patch is currently available.
Stack-based buffer overflow in D-Link DWR-M960 firmware (version 1.01.07) WLAN encryption configuration endpoint allows authenticated remote attackers to execute arbitrary code with high integrity and confidentiality impact. The vulnerability exists in the submit-url parameter handling within the /boafrm/formWlEncrypt component and has public exploit code available. No patch is currently available for this vulnerability.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to achieve code execution by manipulating the submit-url parameter in the Operation Mode Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can leverage this flaw to fully compromise affected devices.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to execute arbitrary code by manipulating the submit-url parameter in the LTE Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can leverage this flaw to achieve complete system compromise including confidentiality, integrity, and availability breaches.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to achieve complete system compromise through manipulation of the submit-url parameter in the Bridge VLAN Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges.
Stack-based buffer overflow in Tenda HG9 firmware's pingAddr parameter allows unauthenticated remote attackers to achieve code execution through the /boaform/formPing6 endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw carries high severity with complete compromise potential across confidentiality, integrity, and availability.
Stack-based buffer overflow in the Diagnostic Ping Endpoint of Tenda HG9 firmware allows unauthenticated remote attackers to achieve code execution by supplying a malicious pingAddr parameter. The vulnerability exists in the /boaform/formPing component and is exploitable over the network with low complexity. Public exploit code exists and no patch is currently available.
Stack-based buffer overflow in Tenda HG9 firmware's loopback detection endpoint allows remote attackers with valid credentials to achieve complete system compromise through manipulation of the Ethtype parameter. Public exploit code exists for this vulnerability, creating immediate risk in deployed environments. No patch is currently available.
Remote code execution in Tenda HG9 firmware via stack buffer overflow in the GPON configuration endpoint allows authenticated attackers to achieve full system compromise through manipulation of LOID parameters. Public exploit code exists for this vulnerability, increasing the risk of active exploitation in deployed devices. No patch is currently available, making network segmentation and access controls critical for mitigation.
Remote code execution in Tenda HG9 firmware via stack buffer overflow in the Samba configuration endpoint allows authenticated attackers to achieve complete system compromise through manipulation of the sambaCap parameter. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available.
Stack buffer overflow in Tenda HG9 firmware's wireless configuration endpoint allows authenticated remote attackers to achieve arbitrary code execution through a malicious SSID parameter. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. The vulnerability affects the /boaform/formWlanSetup component and currently has no available patch.
Stack Overflow and Tenda A21 1.0.0.0 are vulnerable to remote code execution through a stack-based buffer overflow in the device name configuration function, exploitable by authenticated attackers without user interaction. Public exploit code exists for this vulnerability, enabling attackers to achieve complete compromise of affected systems. No patch is currently available.
Stack-based buffer overflow in D-Link DWR-M960 1.01.07 firmware allows remote authenticated attackers to achieve complete system compromise through crafted input to the IPv6 setup function. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can execute arbitrary code with full system privileges.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to achieve arbitrary code execution through a malformed submit-url parameter in the WAN interface configuration handler. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can leverage this to gain complete system compromise.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows remote attackers with low privileges to achieve complete system compromise through manipulation of the submit-url parameter in the /boafrm/formIpQoS function. Public exploit code exists for this vulnerability and no patch is currently available, creating immediate risk for affected deployments.
Stack-based buffer overflow in D-Link DWR-M960 firmware versions up to 1.01.07 allows authenticated remote attackers to achieve arbitrary code execution by manipulating the submit-url parameter in the /boafrm/formDosCfg function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires low complexity with no user interaction, affecting device confidentiality, integrity, and availability.
Remote code execution in D-Link DWR-M960 firmware through stack-based buffer overflow in the Advanced Firewall Configuration endpoint allows authenticated attackers to achieve complete system compromise. The vulnerability exists in the /boafrm/formFirewallAdv component where improper input validation on the submit-url parameter enables stack overflow attacks. Public exploit code is available and no patch has been released.
Stack-based buffer overflow in Tenda A18 firmware versions up to 15.13.07.13 allows remote attackers with low privileges to achieve code execution through the wpapsk_crypto5g parameter in the /goform/WifiExtraSet endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score (8.8) reflects the combination of remote exploitability and complete system compromise potential.
Stack overflow in Tenda A18 firmware version 15.13.07.13 allows remote attackers with low privileges to achieve complete system compromise through a malformed deviceList parameter in the /goform/setBlackRule endpoint. Public exploit code is available and the vulnerability remains unpatched, creating significant risk for affected devices.
Remote code execution in Tenda A21 1.0.0.0 firmware via stack-based buffer overflow in the WiFi settings endpoint allows authenticated attackers to execute arbitrary code with full system privileges. The vulnerability exists in the fast_setting_wifi_set function where unsanitized SSID parameter input can overflow the stack, and public exploit code is currently available. No patch has been released for this high-severity vulnerability affecting both the A21 firmware and Stack Overflow products.
Stack-based buffer overflow in Tenda A21 firmware allows remote attackers with valid credentials to achieve complete system compromise through malicious input to the schedStartTime/schedEndTime parameters in the openSchedWifi function. Public exploit code exists for this vulnerability, and no patch is currently available. This affects confidentiality, integrity, and availability with high severity (CVSS 8.8).
Stack-based buffer overflow in Tenda A21 1.0.0.0 MAC filtering configuration allows remote authenticated attackers to achieve full system compromise through malicious devName/mac parameters. Public exploit code exists for this vulnerability, which remains unpatched. The flaw affects the set_device_name function in the /goform/setBlackRule endpoint with high exploitability due to network accessibility and low attack complexity.
Remote code execution in Tenda A21 1.0.0.0 firmware results from a stack buffer overflow in the SetIpMacBind function accessible via the /goform/SetIpMacBind endpoint, allowing unauthenticated remote attackers to execute arbitrary code with high integrity and availability impact. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for affected devices.
Remote code execution in Tenda A21 firmware through a stack buffer overflow in the QoS bandwidth configuration endpoint allows unauthenticated attackers to execute arbitrary code with full system privileges. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the set_qosMib_list function when processing unsanitized input, enabling network-based attacks from authenticated users or potentially lower-privileged roles.
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. [CVSS 7.8 HIGH]
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to achieve complete system compromise through the Port Forwarding Configuration endpoint. The vulnerability exists in the submit-url parameter processing and has public exploit code available. Affected devices are remotely exploitable by authenticated users with no user interaction required.
Stack-based buffer overflow in D-Link DWR-M960 firmware 1.01.07 Filter Configuration endpoint allows authenticated remote attackers to achieve full system compromise through a malicious submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but executes with no user interaction needed.
Stack-based buffer overflow in D-Link DWR-M960 firmware's DDNS settings handler allows authenticated remote attackers to achieve complete system compromise through a malicious submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects firmware version 1.01.07 and can be exploited without user interaction.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 NTP configuration endpoint allows remote authenticated attackers to achieve complete system compromise through manipulation of the submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw carries a high severity rating with CVSS score of 8.8 due to potential for remote code execution with minimal attack complexity.
Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to achieve full system compromise through manipulation of the submit-url parameter in the System Log Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can trigger this flaw to execute arbitrary code with complete control over confidentiality, integrity, and availability.
NanaZip versions 5.0.1252.0 through 6.0.1629.0 are vulnerable to denial of service through malformed ROMFS archives that trigger infinite loops via circular offset chains or stack overflow via deeply nested directory structures. Public exploit code exists for this vulnerability, allowing local attackers to crash the application and cause a denial of service. No patch is currently available.
Buffer overflow in WMV to AVI MPEG DVD Convertor 4.6.1217 allows code execution via crafted media files. PoC available.
Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. [CVSS 9.8 CRITICAL]
Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). [CVSS 8.4 HIGH]
A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wren_compiler.c of the component Error Message Handler. [CVSS 3.3 LOW]
Unauthenticated stack-based buffer overflow in /cgi-bin/api.values.get HTTP API endpoint. EPSS 41.1% indicates very high exploitation probability. Patch available.
Stack-based buffer overflow in TOTOLIK A3002RU firmware versions up to V3.0.0-B20220304.1804 allows authenticated attackers to achieve remote code execution through a malicious static_ipv6 parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score of 8.8 reflects the complete compromise of system confidentiality, integrity, and availability for affected devices.
Stack overflow vulnerabilities in TOTOLIK A3002RU V2.1.1 router firmware allow authenticated attackers to achieve remote code execution through malformed vpnUser or vpnPassword parameters. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at risk of complete compromise.
Remote code execution in Wavlink WL-NU516U1 firmware through a stack-based buffer overflow in the nas.cgi User1Passwd parameter allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Stack buffer overflow in Wavlink WL-NU516U1 firmware up to version 130/260 allows authenticated remote attackers to achieve code execution via a malformed firmware_url parameter to /cgi-bin/adm.cgi. Public exploit code exists for this vulnerability and the vendor has not provided a patch despite early notification. The high CVSS score (7.2) reflects the severity of unauthenticated remote code execution risk, though exploitation currently requires high-level privileges.
Stack overflow in Wavlink WL-NU516U1 firmware's /cgi-bin/adm.cgi allows remote attackers with high privileges to achieve code execution via a malicious time_zone parameter. Public exploit code exists for this vulnerability, though exploitation requires high complexity and the vendor has not released a patch.
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
A Stack Overflow vulnerability was discovered in the TON Virtual Machine (TVM) before v2024.10. The vulnerability stems from the improper handling of vmstate and continuation jump instructions, which allow for continuous dynamic tail calls. [CVSS 7.5 HIGH]
The BACnet Protocol Stack library versions 1.4.2 and earlier contain an off-by-one buffer overflow in the ubasic interpreter's string tokenizer that crashes the application when processing oversized string literals. Public exploit code exists for this vulnerability, which affects any system running vulnerable versions of the BACnet Stack or Stack Overflow products. An attacker with local access and user interaction can trigger a denial of service condition through a specially crafted input string.
Product Key Explorer 4.2.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by overflowing the registration name input field. [CVSS 6.2 MEDIUM]
FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting the EIP register through a custom command input. [CVSS 8.4 HIGH]
Stack overflow in FTP Navigator 8.03 via SEH overwrite. PoC available.
Stack overflow in Domain Quester Pro 6.02 via SEH overwrite. PoC available.
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. [CVSS 8.8 HIGH]
A stack overflow in the ZBarcode_Encode function of Monkeybread Software MBS DynaPDF Plugin v21.3.1.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 7.5 HIGH]
Stack overflow in Allok Video Converter 4.6.1217 License Name input. PoC available.
Stack overflow in Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 via SEH chain. PoC available.
Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. [CVSS 7.5 HIGH]
Stack overflow in Torrent FLV Converter 1.51 Build 117 via SEH overwrite. PoC available.
Stack overflow in Torrent 3GP Converter 1.51 via SEH overwrite. PoC available.
Stack buffer overflow in Tenda AC9 firmware versions up to 15.03.06.42_multi allows remote attackers to achieve code execution by manipulating scheduled reboot parameters without authentication. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high privileges but succeeds over the network with minimal complexity.
Stack overflow in Tenda AC9 firmware versions up to 15.03.06.42_multi allows remote attackers with high privileges to achieve complete system compromise through manipulation of the security.ddos.map parameter. Public exploit code exists for this vulnerability, increasing exploitation risk. No patch is currently available.
Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows remote attackers with low privileges to achieve complete system compromise through manipulation of QoS parameters. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the set_qosMib_list function in the /goform/formSetQosBand endpoint, enabling unauthorized code execution and data theft.
Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows authenticated remote attackers to achieve full system compromise through improper argument handling in the SetIpMacBind function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations should implement network segmentation and access controls to restrict administrative functionality until remediation is possible.
Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 MAC filtering endpoint allows authenticated remote attackers to achieve code execution through crafted device name or MAC address parameters. Public exploit code exists for this vulnerability and no patch is currently available. The flaw affects the /goform/setBlackRule component with high impact on confidentiality, integrity, and availability.
Remote code execution in Tenda RX3 firmware versions up to 16.03.13.11 via stack-based buffer overflow in the /goform/openSchedWifi endpoint allows unauthenticated attackers to execute arbitrary code by manipulating the schedStartTime and schedEndTime parameters. Public exploit code exists and no patch is currently available. This vulnerability affects network devices and poses an immediate risk to deployed systems.
Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows unauthenticated remote attackers to achieve code execution by sending a malicious SSID value to the /goform/fast_setting_wifi_set endpoint. Public exploit code exists for this vulnerability and no patch is currently available. An attacker can exploit this to gain complete system compromise with high integrity and availability impact.
Wedding Slideshow Studio 1.36 has a second buffer overflow in the registration key input enabling code execution.
A flaw has been found in ggml-org llama.cpp versions up to 55 is affected by buffer overflow (CVSS 3.3).
IP-COM W30AP wireless access point up to firmware 1.0.0.11 has a buffer overflow that allows remote attackers to execute code or crash the device.
Stack-based buffer overflow in libfastcommon's base64_decode function allows local attackers with user-level privileges to corrupt memory and potentially execute arbitrary code. Public exploit code exists for this vulnerability affecting libfastcommon versions up to 1.0.84. A patch is available and should be applied immediately to mitigate the risk.
Buffer overflow in 10-Strike Network Inventory Explorer 9.03 file import functionality allows attackers to execute arbitrary code via crafted import files. PoC available.
Stack overflow in Free Desktop Clock 3.0 triggered by crafted Time Zones display name input allows attackers to execute arbitrary code. PoC available.
Autodesk 3ds Max is vulnerable to arbitrary code execution when processing maliciously crafted GIF files due to a stack-based buffer overflow (CVE-2026-0536, CVSS 7.8). Local attackers can exploit this vulnerability by tricking users into opening a malicious GIF file to execute code with the privileges of the 3ds Max process. No patch is currently available.
Arbitrary code execution in Autodesk 3ds Max via malicious GIF file parsing exploits a stack-based buffer overflow vulnerability, allowing local attackers to execute code with the privileges of the application. The vulnerability requires user interaction to open a crafted GIF file and currently has no available patch. This affects 3ds Max users who may unknowingly process untrusted image files.
GoldWave 5.70 audio editor has a buffer overflow enabling code execution through crafted audio files.