CWE-121— Stack-based Buffer Overflow
3,124 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 34 of 63
- CVE-2024-34085HIGHCVSS 7.8EG 7.82024-05-14
A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10), Teamcenter Visualization V14.3 (All versions …
- CVE-2024-34087CRITICALCVSS 9.8EG 9.82024-08-26
An SEH-based buffer overflow in the BPQ32 HTTP Server in BPQ32 6.0.24.1 allows remote attackers with access to the Web Terminal to achieve remote code execution via an HTTP POST /TermInput request.
- CVE-2024-34171HIGHCVSS 7.8EG 7.82024-05-30
Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code.
- CVE-2024-34195CRITICALCVSS 9.8EG 8.82024-08-28
TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversigh…
- CVE-2024-34200HIGHCVSS 8.8EG 8.82024-05-14
TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpQosRules function.
- CVE-2024-34201HIGHCVSS 7.3EG 7.32024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the getSaveConfig function.
- CVE-2024-34202MEDIUMCVSS 6.5EG 6.52024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function.
- CVE-2024-34203LOWCVSS 3.8EG 3.82024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function.
- CVE-2024-34207HIGHCVSS 8.8EG 8.82024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function.
- CVE-2024-34209CRITICALCVSS 9.8EG 9.82024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function.
- CVE-2024-34212HIGHCVSS 7.3EG 7.32024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function.
- CVE-2024-34213CRITICALCVSS 9.8EG 9.82024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function.
- CVE-2024-34215HIGHCVSS 7.3EG 7.32024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function.
- CVE-2024-34217HIGHCVSS 7.7EG 7.72024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function.
- CVE-2024-34308HIGHCVSS 8.8EG 8.82024-05-14
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the function urldecode.
- CVE-2024-34579HIGHCVSS 7.8EG 7.82025-01-17
Fuji Electric Alpha5 SMART is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
- CVE-2024-34773HIGHCVSS 7.8EG 7.82024-05-14
A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 2). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in…
- CVE-2024-34942HIGHCVSS 8.8EG 8.82024-05-14
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand.
- CVE-2024-34943CRITICALCVSS 9.8EG 9.82024-05-14
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting.
- CVE-2024-34944HIGHCVSS 8.8EG 8.82024-05-14
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.
- CVE-2024-34946MEDIUMCVSS 6.5EG 6.52024-05-14
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.
- CVE-2024-34950HIGHCVSS 7.5EG 7.52024-05-14
D-Link DIR-822+ v1.0.5 was discovered to contain a stack-based buffer overflow vulnerability in the SetNetworkTomographySettings module.
- CVE-2024-34974HIGHCVSS 8.2EG 8.22024-05-14
Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter.
- CVE-2024-35276MEDIUMCVSS 5.6EG 5.62025-01-14
A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.…
- CVE-2024-35279HIGHCVSS 8.1EG 8.12025-02-11
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets th…
- CVE-2024-35333HIGHCVSS 8.4EG 8.42024-05-29
A stack-buffer-overflow vulnerability exists in the read_charset_decl function of html2xhtml 1.3. This vulnerability occurs due to improper bounds checking when copying data into a fixed-size stack buffer. An attacker can exploit this vuln…
- CVE-2024-35387CRITICALCVSS 9.8EG 9.82024-05-24
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
- CVE-2024-35388HIGHCVSS 8.8EG 8.82024-05-24
TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode
- CVE-2024-35399HIGHCVSS 8.8EG 8.82024-05-28
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth
- CVE-2024-35403LOWCVSS 2.7EG 2.72024-05-28
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules
- CVE-2024-35576MEDIUMCVSS 5.2EG 5.22024-05-20
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.
- CVE-2024-35578HIGHCVSS 8.0EG 8.02024-05-20
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv.
- CVE-2024-35579HIGHCVSS 7.7EG 7.72024-05-20
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv.
- CVE-2024-35580CRITICALCVSS 9.8EG 9.82024-05-20
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv.
- CVE-2024-36258CRITICALCVSS 10.0EG 10.02025-01-14
A stack-based buffer overflow vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send an…
- CVE-2024-36435CRITICALCVSS 9.8EG 9.82024-07-11
An issue was discovered on Supermicro BMC firmware in select X11, X12, H12, B12, X13, H13, and B13 motherboards (and CMM6 modules). An unauthenticated user can post crafted data to the interface that triggers a stack buffer overflow, and m…
- CVE-2024-36468LOWCVSS 3.0EG 3.02024-11-27
The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without p…
- CVE-2024-36493CRITICALCVSS 9.1EG 9.12025-01-14
A stack-based buffer overflow vulnerability exists in the wireless.cgi set_wifi_basic() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an a…
- CVE-2024-36600HIGHCVSS 8.4EG 8.42024-06-14
Buffer Overflow Vulnerability in libcdio 2.2.0 (fixed in 2.3.0) allows an attacker to execute arbitrary code via a crafted ISO 9660 image file.
- CVE-2024-36728HIGHCVSS 8.1EG 8.12024-06-03
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlan_setting with a sufficientl…
- CVE-2024-36729MEDIUMCVSS 6.3EG 6.32024-06-03
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizard_ipv6 with a sufficiently…
- CVE-2024-37003HIGHCVSS 7.8EG 8.82024-06-25
A maliciously crafted DWG and SLDPRT file, when parsed in opennurbs.dll and ODXSW_DLL.dll through Autodesk applications, can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read …
- CVE-2024-37008HIGHCVSS 7.8EG 7.82024-08-21
A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
- CVE-2024-37029HIGHCVSS 7.8EG 7.82024-06-13
Fuji Electric Tellus Lite V-Simulator is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code.
- CVE-2024-37044HIGHCVSS 7.2EG 7.22024-11-22
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute cod…
- CVE-2024-37047MEDIUMCVSS 6.5EG 6.52024-11-22
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute cod…
- CVE-2024-37049MEDIUMCVSS 6.5EG 6.52024-11-22
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute cod…
- CVE-2024-37050MEDIUMCVSS 6.5EG 6.52024-11-22
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute cod…
- CVE-2024-37600MEDIUMCVSS 6.8EG 6.82025-02-13
An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible stack buffer overflow in the Service Broker service affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of t…
- CVE-2024-37631HIGHCVSS 8.8EG 8.82024-06-13
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule.
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →