CWE-121— Stack-based Buffer Overflow
3,118 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 1 of 63
- CVE-1999-0022HIGHCVSS 7.8EG 7.81996-07-03
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
- CVE-1999-0029HIGHCVSS 8.4EG 8.41997-07-16
root privileges via buffer overflow in ordist command on SGI IRIX systems.
- CVE-2008-0015HIGHCVSS 8.8EG 9.0⚠ KEV2009-07-07
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Ser…
- CVE-2008-20001HIGHCVSS 7.5EG 0.02025-08-30
activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus() method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitra…
- CVE-2009-0927HIGHCVSS 8.8EG 9.0⚠ KEV2009-03-19
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different …
- CVE-2009-10006CRITICALCVSS 9.3EG 0.02025-08-22
UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in its built-in IRC client component. When the client connects to an IRC server and receives a crafted numeric reply (specifically a 001 message…
- CVE-2009-20002HIGHCVSS 8.4EG 0.02025-08-21
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing a…
- CVE-2009-20003HIGHCVSS 8.4EG 0.02025-08-21
Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowin…
- CVE-2009-20004HIGHCVSS 8.4EG 0.02025-08-21
gAlan 0.2.1, a modular audio processing environment for Windows, is vulnerable to a stack-based buffer overflow when parsing .galan files. The application fails to properly validate the length of input data, allowing a specially crafted fi…
- CVE-2009-20005CRITICALCVSS 9.3EG 0.02025-09-16
A stack-based buffer overflow exists in the UtilConfigHome.csp endpoint of InterSystems Caché 2009.1. The vulnerability is triggered by sending a specially crafted HTTP GET request containing an oversized argument to the .csp handler. Due…
- CVE-2009-20007CRITICALCVSS 9.3EG 0.02025-09-16
Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially crafted response strings sent to a connected client. An attacker can exploit this flaw by sending an overly long message that overflows a fixe…
- CVE-2009-20008HIGHCVSS 8.6EG 0.02025-08-30
Green Dam Youth Escort version 3.17 is vulnerable to a stack-based buffer overflow when processing overly long URLs. The flaw resides in the URL filtering component, which fails to properly validate input length before copying user-supplie…
- CVE-2009-20009CRITICALCVSS 9.3EG 0.02025-08-30
Belkin Bulldog Plus version 4.0.2 build 1219 contains a stack-based buffer overflow vulnerability in its web service authentication handler. When a specially crafted HTTP request is sent with an oversized Authorization header, the applicat…
- CVE-2010-10014HIGHCVSS 8.7EG 0.02025-08-20
Odin Secure FTP <= 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which over…
- CVE-2010-10015HIGHCVSS 8.4EG 0.02025-08-21
AOL versions up to and including 9.5 includes an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excess…
- CVE-2010-20007HIGHCVSS 8.5EG 0.02025-08-21
Seagull FTP Client <= v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excess…
- CVE-2010-20010HIGHCVSS 8.4EG 0.02025-08-20
Foxit PDF Reader before 4.2.0.0928 does not properly bound-check the /Title entry in the PDF Info dictionary. A specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Ha…
- CVE-2010-20034HIGHCVSS 8.5EG 0.02025-08-21
Gekko Manager FTP Client <= 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted resp…
- CVE-2010-20042HIGHCVSS 8.4EG 0.02025-08-20
Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Except…
- CVE-2010-20045HIGHCVSS 8.5EG 0.02025-08-20
FileWrangler <= 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corrupti…
- CVE-2010-20049CRITICALCVSS 9.3EG 0.02025-08-20
LeapFTP < 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application fails to properly bound-check the inp…
- CVE-2010-20107HIGHCVSS 8.5EG 0.02025-08-21
A stack-based buffer overflow exists in FTP Synchronizer Professional <= v4.0.73.274. When the client connects to an FTP server and issues a LIST command—typically during sync preview or profile creation—the server’s response contain…
- CVE-2010-20108HIGHCVSS 8.4EG 0.02025-08-21
FTPPad <= 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory …
- CVE-2010-20111HIGHCVSS 8.4EG 0.02025-08-21
Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate in…
- CVE-2010-20112CRITICALCVSS 9.3EG 0.02025-08-21
Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allow…
- CVE-2010-20113CRITICALCVSS 9.8EG 9.82025-08-21
EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying a…
- CVE-2010-20114HIGHCVSS 8.4EG 0.02025-08-21
VariCAD EN up to and including version 2010-2.05 is vulnerable to a stack-based buffer overflow when parsing .dwb drawing files. The application fails to properly validate the length of input data embedded in the file, allowing a crafted .…
- CVE-2010-20119HIGHCVSS 8.6EG 0.02025-08-21
CommuniCrypt Mail versions up to and including 1.16 contains a stack-based buffer overflow vulnerability in its ANSMTP.dll and AOSMTP.dll ActiveX controls, specifically within the AddAttachments() method. This method fails to properly va…
- CVE-2010-20121CRITICALCVSS 9.8EG 9.82025-08-21
EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input…
- CVE-2010-20122CRITICALCVSS 9.3EG 0.02025-08-21
Xftp FTP Client version up to and including 3.0 (build 0238) contain a stack-based buffer overflow vulnerability triggered by a maliciously crafted PWD response from an FTP server. When the client connects to a server and receives an overl…
- CVE-2010-20123HIGHCVSS 8.4EG 0.02025-08-21
Steinberg MyMP3Player version 3.0 (build 3.0.0.67) is vulnerable to a stack-based buffer overflow when parsing .m3u playlist files. The application fails to properly validate the length of input data within the playlist, allowing a special…
- CVE-2010-3872HIGHCVSS 7.5EG 7.52010-11-22
A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application cr…
- CVE-2011-10008HIGHCVSS 8.6EG 0.02025-07-31
A stack-based buffer overflow vulnerability exists in MPlayer Lite r33064 due to improper bounds checking when handling M3U playlist files containing long http:// URL entries. An attacker can craft a malicious .m3u file with a specially fo…
- CVE-2011-10012HIGHCVSS 8.4EG 0.02025-08-13
NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perfor…
- CVE-2011-10014HIGHCVSS 8.7EG 0.02025-08-13
GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code wh…
- CVE-2011-10015CRITICALCVSS 9.3EG 0.02025-08-13
Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer (25…
- CVE-2011-10016CRITICALCVSS 9.3EG 0.02025-08-13
Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archi…
- CVE-2011-10021HIGHCVSS 8.4EG 0.02025-08-20
Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy() operation that fails to validate input length, allowing attackers to o…
- CVE-2011-10023HIGHCVSS 8.4EG 0.02025-08-20
MJM QuickPlayer (also known as MJM Player) version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an …
- CVE-2011-10024HIGHCVSS 8.4EG 0.02025-08-20
MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing…
- CVE-2011-10027HIGHCVSS 8.4EG 0.02025-08-20
AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of…
- CVE-2011-10032CRITICALCVSS 9.3EG 0.02025-08-30
Sunway ForceControl version 6.1 SP3 and earlier contains a stack-based buffer overflow vulnerability in the SNMP NetDBServer service, which listens on TCP port 2001. The flaw is triggered when the service receives a specially crafted packe…
- CVE-2012-10021CRITICALCVSS 9.8EG 9.82025-07-31
A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw arises from unsafe usage of sprintf() when processing user-supplied C…
- CVE-2012-10023CRITICALCVSS 9.8EG 9.82025-08-05
A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitra…
- CVE-2012-10031HIGHCVSS 8.6EG 0.02025-08-05
BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. When parsing a crafted .plf file, the MediaPlayerCtrl.dll component invokes…
- CVE-2012-10043CRITICALCVSS 9.3EG 0.02025-08-08
A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The application fails to properly validate the length of tab-delimited fi…
- CVE-2012-10051HIGHCVSS 8.4EG 0.02025-08-08
Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in the installation directory, the application fails to…
- CVE-2012-10053CRITICALCVSS 9.3EG 0.02025-08-08
Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper boun…
- CVE-2012-10057HIGHCVSS 8.4EG 0.02025-08-13
Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, a…
- CVE-2012-10058CRITICALCVSS 10.0EG 0.02025-08-13
RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbit…
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →