Skip to main content

Stack-based Buffer Overflow

memory HIGH

A stack-based buffer overflow occurs when a program writes more data to a buffer located on the stack than it was allocated to hold.

How It Works

A stack-based buffer overflow occurs when a program writes more data to a buffer located on the stack than it was allocated to hold. The stack stores local variables, function parameters, and critical control information including the return address that tells the CPU where to resume execution after a function completes. When an attacker overflows a buffer, they can overwrite adjacent memory, including this return address.

The classic exploitation path involves carefully crafting input to overwrite the return address with a pointer to attacker-controlled code. Historically, attackers would inject shellcode directly into the overflowed buffer, then redirect execution to it. Modern defenses like Data Execution Prevention (DEP/NX) mark the stack as non-executable, forcing attackers to use Return-Oriented Programming (ROP) instead—chaining together existing code snippets ("gadgets") to perform malicious operations without injecting new code.

Address Space Layout Randomization (ASLR) randomizes memory addresses to make exploitation harder, but attackers can defeat it through information disclosure vulnerabilities that leak memory addresses. Stack canaries—random values placed between buffers and control data—can detect overwrites, but may be bypassed through brute-force attacks or by carefully avoiding them in partial overwrites.

Impact

  • Arbitrary code execution at the privilege level of the vulnerable process
  • Complete system compromise if the vulnerable process runs with elevated privileges (root/SYSTEM)
  • Memory corruption leading to crashes and denial of service
  • Bypass of authentication mechanisms by redirecting execution flow around security checks
  • Data theft or modification through code injection that accesses sensitive memory regions

Real-World Examples

The Morris Worm (1988) exploited a stack overflow in the Unix fingerd daemon, becoming one of the first major internet worms. The Code Red worm (2001) leveraged a stack overflow in Microsoft IIS (CVE-2001-0500) to compromise hundreds of thousands of web servers, demonstrating the massive scale of automated exploitation.

More recently, EternalBlue exploited stack corruption in Windows SMB (CVE-2017-0144), enabling the WannaCry and NotPetya ransomware outbreaks that caused billions in damage. The Heartbleed bug (CVE-2014-0160), while technically a heap-based read overflow, demonstrated how buffer handling errors remain prevalent even in security-critical software like OpenSSL.

Mitigation

  • Stack canaries (compile with -fstack-protector-all or equivalent) to detect overwrites before return
  • Address Space Layout Randomization (ASLR) to randomize memory locations
  • DEP/NX bit enforcement to prevent code execution from stack memory
  • Memory-safe string functions (use strncpy, snprintf, strlcpy instead of strcpy, sprintf, gets)
  • Compiler hardening flags (-D_FORTIFY_SOURCE=2, control-flow integrity)
  • Input validation with strict bounds checking on all externally-supplied data
  • Memory-safe languages (Rust, Go) for new development to eliminate the vulnerability class entirely

Recent CVEs (2223)

EPSS 0% CVSS 5.1
MEDIUM POC This Month

A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers (A720R V4.1.5cu.614_B20230630, LR1200GB V9.1.0u.6619_B20230130, and NR1800X. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Denial Of Service Buffer Overflow +4
NVD GitHub
EPSS 0% CVSS 5.1
MEDIUM POC This Month

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary (sub_401EE0 function). Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (sub_42F32C. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +2
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602 contain a stack-based buffer overflow, as the HTTP service ('webs') fails to enforce maximum lengths. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Microsoft +4
NVD
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the urls parameter of the get_parentControl_list_Info function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Tenda Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Tenda Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the ssid parameter of the urldecode function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the wpapsk_crypto parameter of the wlSetExternParameter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Tenda Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow IBM +4
NVD
EPSS 0% CVSS 8.4
HIGH This Month

Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD GitHub
EPSS 0% CVSS 6.7
MEDIUM This Month

In charger, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +6
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +6
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption while processing client message during device management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Qam8255p Firmware +34
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Stack-based buffer overflow in QEMU's e1000 network device emulation allows local guest users to crash the QEMU process via crafted short frames in loopback mode, causing denial of service on the host. The vulnerability exists in the e1000_receive_iov() function where frame padding logic was removed from the device layer but loopback mode still processes short frames unsafely. No public exploit code or active exploitation in KEV has been reported at time of analysis.

Stack Overflow Denial Of Service Buffer Overflow
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Denial of service in the Tenda AC8 dual-band gigabit router (hardware revision v03.03.10.01) allows a remote attacker to crash the device by sending a single crafted packet to its UPnP service, triggering a stack-based buffer overflow (CWE-121). The flaw requires no authentication or user interaction per the CVSS vector (PR:N/UI:N) and impacts availability only (A:H, no confidentiality/integrity impact). Publicly available exploit material exists via a researcher GitHub repository, though the issue is not listed in CISA KEV and carries a modest EPSS score of 0.39% (31st percentile).

Buffer Overflow Tenda Denial Of Service +2
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

TP-Link AX1800 WiFi 6 Router (Archer AX21) devices allow unauthenticated attackers (on the LAN) to execute arbitrary code as root via the db_dir field to minidlnad. The attacker obtains the ability to modify files.db, and that can be used to reach a stack-based buffer overflow in minidlna-1.1.2/upnpsoap.c. Exploitation requires that a USB flash drive is connected to the router (customers often do this to make a \\192.168.0.1 share available on their local network).

Buffer Overflow TP-Link RCE +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

KV Studio versions 12.23 and prior contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

Buffer Overflow RCE Stack Overflow
NVD
EPSS 0% CVSS 7.8
HIGH This Week

KV STUDIO and VT5-WX15/WX12 contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

Buffer Overflow RCE Stack Overflow
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms.

Stack Overflow Buffer Overflow Ubuntu +3
NVD GitHub
EPSS 0% CVSS 4.0
MEDIUM POC PATCH Monitor

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Squid +2
NVD GitHub
EPSS 0% CVSS 7.6
HIGH This Month

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Google +4
NVD
EPSS 2% CVSS 7.7
HIGH KEV THREAT Act Now

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Stack Overflow Buffer Overflow Apple +5
NVD
EPSS 0% CVSS 3.3
LOW Monitor

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Nvidia Stack Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cncsoft G2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cncsoft G2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

In Artifex GhostXPS before 10.06.0, there is a stack-based buffer overflow in xps_unpredict_tiff in xpstiff.c because the samplesperpixel value is not checked. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow Ghostscript +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow Ghostscript +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

A stack-based buffer overflow can be remotely triggered when formatting an error message in the Control-M/Agent when SSL/TLS communication is configured. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Control M Agent
NVD
EPSS 0% CVSS 9.3
CRITICAL This Week

A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. Rated critical severity (CVSS 9.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 7.0
HIGH POC This Month

A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the rules parameter in the dns_forward_rule_store function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the String parameter in the formDeleteMeshNode function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the v17 parameter in the UploadCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pppoeServerWhiteMacIndex parameter in the formModifyPppAuthWhiteMac function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the countryCode parameter in the werlessAdvancedSet function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the staticRouteGateway parameter in the formSetStaticRoute function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the vpnUsers parameter in the formAddVpnUsers function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pPppUser parameter in the getsinglepppuser function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Month

Stack-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Stack Overflow +16
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Buffer Overflow Microsoft Stack Overflow +16
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions), User Management Component (UMC) (All versions <. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the formWifiBasicSet function via the parameter security or security_5g. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Month

A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially leak a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow
NVD
EPSS 6% CVSS 7.5
HIGH POC This Week

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +3
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Month

Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READ_SYSCALL and WRITE_SYSCALL system calls. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Spim
NVD GitHub
EPSS 0% CVSS 8.6
HIGH This Month

Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 8.1
HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 7.5
HIGH POC PATCH This Month

A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE +3
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list parameter in the fromSetIpMacBind function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD GitHub
EPSS 0% CVSS 7.3
HIGH POC This Month

Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD GitHub
Prev Page 9 of 25 Next

Quick Facts

Typical Severity
HIGH
Category
memory
Total CVEs
2223

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy