CWE-121— Stack-based Buffer Overflow
3,121 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 26 of 63
- CVE-2023-5944HIGHCVSS 7.8EG 7.82023-12-04
Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate user to execute a specially crafted file.
- CVE-2023-6095HIGHCVSS 8.9EG 8.92024-04-26
Vladimir Kononovich, a Security Researcher has found a flaw that allows for a remote code execution on the DVR. An attacker could inject malicious HTTP headers into request packets to execute arbitrary code. The manufacturer has released …
- CVE-2023-6116HIGHCVSS 8.9EG 8.92024-04-26
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the camera. An attacker could inject malicious into http request packets to execute arbitrary code. The manufacturer has released patch firmwa…
- CVE-2023-6322HIGHCVSS 7.2EG 7.22024-05-15
A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overfl…
- CVE-2023-6340MEDIUMCVSS 5.5EG 5.52024-01-18
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffe…
- CVE-2023-6693MEDIUMCVSS 4.9EG 4.92024-01-02
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are …
- CVE-2023-6749HIGHCVSS 8.0EG 8.02024-02-18
Unchecked length coming from user input in settings shell
- CVE-2023-6888MEDIUMCVSS 6.3EG 6.32023-12-17
A vulnerability classified as critical was found in PHZ76 RtspServer 1.0.0. This vulnerability affects the function ParseRequestLine of the file RtspMesaage.cpp. The manipulation leads to stack-based buffer overflow. The attack can be init…
- CVE-2023-7187MEDIUMCVSS 5.5EG 5.52023-12-31
A vulnerability was found in Totolink N350RT 9.3.5u.6139_B20201216. It has been rated as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 of the component HTTP POST Request Handler…
- CVE-2023-7206HIGHCVSS 7.8EG 7.82024-01-15
In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected installations of Cscape.
- CVE-2023-7213MEDIUMCVSS 6.3EG 6.32024-01-07
A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6139_B20201216. Affected by this vulnerability is the function main of the file /cgi-bin/cstecgi.cgi?action=login&flag=1 of the component HTTP POST Request Handler.…
- CVE-2023-7214MEDIUMCVSS 6.3EG 6.32024-01-07
A vulnerability, which was classified as critical, has been found in Totolink N350RT 9.3.5u.6139_B20201216. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handle…
- CVE-2023-7218HIGHCVSS 7.2EG 7.22024-01-08
A vulnerability, which was classified as critical, was found in Totolink N350RT 9.3.5u.6139_B202012. Affected is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer…
- CVE-2023-7219HIGHCVSS 7.2EG 7.22024-01-09
A vulnerability has been found in Totolink N350RT 9.3.5u.6139_B202012 and classified as critical. Affected by this vulnerability is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads t…
- CVE-2023-7220CRITICALCVSS 9.8EG 9.82024-01-09
A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-bas…
- CVE-2024-0321CRITICALCVSS 9.8EG 4.02024-01-08
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
- CVE-2024-0444HIGHCVSS 8.8EG 7.52024-06-07
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is requ…
- CVE-2024-0531HIGHCVSS 7.2EG 7.22024-01-15
A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceL…
- CVE-2024-0532HIGHCVSS 7.2EG 7.22024-01-15
A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function set_repeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of…
- CVE-2024-0533HIGHCVSS 7.2EG 7.22024-01-15
A vulnerability was found in Tenda A15 15.13.07.13. It has been rated as critical. This issue affects some unknown processing of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the arg…
- CVE-2024-0534HIGHCVSS 7.2EG 7.22024-01-15
A vulnerability classified as critical has been found in Tenda A15 15.13.07.13. Affected is an unknown function of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument mac lead…
- CVE-2024-0535HIGHCVSS 8.8EG 8.82024-01-15
A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName leads to stack-bas…
- CVE-2024-0536HIGHCVSS 8.8EG 8.82024-01-15
A vulnerability, which was classified as critical, has been found in Tenda W9 1.0.0.7(4456). Affected by this issue is the function setWrlAccessList of the component httpd. The manipulation of the argument ssidIndex leads to stack-based bu…
- CVE-2024-0537HIGHCVSS 8.8EG 8.82024-01-15
A vulnerability, which was classified as critical, was found in Tenda W9 1.0.0.7(4456). This affects the function setWrlBasicInfo of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It i…
- CVE-2024-0538HIGHCVSS 8.8EG 8.82024-01-15
A vulnerability has been found in Tenda W9 1.0.0.7(4456) and classified as critical. This vulnerability affects the function formQosManage_auto of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer …
- CVE-2024-0539HIGHCVSS 8.8EG 8.82024-01-15
A vulnerability was found in Tenda W9 1.0.0.7(4456) and classified as critical. This issue affects the function formQosManage_user of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The…
- CVE-2024-0540MEDIUMCVSS 6.3EG 6.32024-01-15
A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been classified as critical. Affected is the function formOfflineSet of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is…
- CVE-2024-0541HIGHCVSS 8.8EG 8.82024-01-15
A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been declared as critical. Affected by this vulnerability is the function formAddSysLogRule of the component httpd. The manipulation of the argument sysRulenEn leads to stack-base…
- CVE-2024-0542HIGHCVSS 8.8EG 8.82024-01-15
A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been rated as critical. Affected by this issue is the function formWifiMacFilterGet of the component httpd. The manipulation of the argument index leads to stack-based buffer over…
- CVE-2024-0571HIGHCVSS 8.8EG 8.82024-01-16
A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. This issue affects the function setSmsCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument text leads to stack-…
- CVE-2024-0572HIGHCVSS 8.8EG 8.82024-01-16
A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-base…
- CVE-2024-0573HIGHCVSS 8.8EG 8.82024-01-16
A vulnerability has been found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip lead…
- CVE-2024-0574HIGHCVSS 8.8EG 8.82024-01-16
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stac…
- CVE-2024-0575HIGHCVSS 8.8EG 8.82024-01-16
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been classified as critical. This affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to stack-…
- CVE-2024-0576HIGHCVSS 8.8EG 8.82024-01-16
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been declared as critical. This vulnerability affects the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sPort l…
- CVE-2024-0577HIGHCVSS 8.8EG 8.82024-01-16
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as critical. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument lang leads to stack-base…
- CVE-2024-0578HIGHCVSS 8.8EG 8.82024-01-16
A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to stack-based buff…
- CVE-2024-0745HIGHCVSS 8.8EG 8.82024-01-23
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.
- CVE-2024-0922MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this vulnerability is the function formQuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. Th…
- CVE-2024-0923MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overfl…
- CVE-2024-0924MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function formSetPPTPServer. The manipulation of the argument startIp leads to stack-based buffer overflow. It is possible…
- CVE-2024-0925MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The at…
- CVE-2024-0926MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be ini…
- CVE-2024-0927MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-based buffer overflow. …
- CVE-2024-0928MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer …
- CVE-2024-0929MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Affected by this issue is the function fromNatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The a…
- CVE-2024-0930MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possi…
- CVE-2024-0931MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. This vulnerability affects the function saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to stack-based buffer overflo…
- CVE-2024-0932MEDIUMCVSS 4.7EG 4.72024-01-26
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This issue affects the function setSmartPowerManagement. The manipulation of the argument time leads to stack-based buffer overflow. …
- CVE-2024-0962MEDIUMCVSS 6.3EG 6.32024-01-27
A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function get_split_entry of the file src/coap_oscore.c of the component Configuration File Handler. The manipulation leads to sta…
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →