CWE-121: Stack-based Buffer Overflow
3,124 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-121 (page 38 of 63)
- CVE-2024-43549 | HIGH | CVSS 8.8 | EG 8.8 | 2024-10-08
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-43630 | HIGH | CVSS 7.8 | EG 7.8 | 2024-11-12
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2024-43661 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-01-09
The <redacted>.so library, which is used by <redacted>, is vulnerable to a buffer overflow in the code that handles the deletion of certificates. This buffer overflow can be triggered by providing a long file path to the <redacted> action …
- CVE-2024-43663 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-01-09
There are many buffer overflow vulnerabilities present in several CGI binaries of the charging station. This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: High – Given the prevalence of these …
- CVE-2024-43689 | CRITICAL | CVSS 9.8 | EG 8.8 | 2024-10-21
Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed.
- CVE-2024-43700 | HIGH | CVSS 7.8 | EG 7.0 | 2024-08-29
xfpt versions prior to 1.01 fail to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, …
- CVE-2024-44386 | HIGH | CVSS 7.3 | EG 7.3 | 2024-08-23
Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function fromSetIpBind.
- CVE-2024-44387 | MEDIUM | CVSS 6.5 | EG 6.5 | 2024-08-23
Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function formWrlExtraGet.
- CVE-2024-44390 | HIGH | CVSS 8.8 | EG 8.0 | 2024-08-23
Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function formWrlsafeset.
- CVE-2024-44549 | CRITICAL | CVSS 9.8 | EG 6.6 | 2024-08-26
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.
- CVE-2024-44550 | CRITICAL | CVSS 9.8 | EG 8.8 | 2024-08-26
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv.
- CVE-2024-44551 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-08-26
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv.
- CVE-2024-44553 | CRITICAL | CVSS 9.8 | EG 8.8 | 2024-08-26
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv.
- CVE-2024-44556 | CRITICAL | CVSS 9.8 | EG 6.6 | 2024-08-26
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo.
- CVE-2024-44557 | CRITICAL | CVSS 9.8 | EG 8.0 | 2024-08-26
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.
- CVE-2024-44558 | CRITICAL | CVSS 9.8 | EG 8.8 | 2024-08-26
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo.
- CVE-2024-44563 | CRITICAL | CVSS 9.8 | EG 8.0 | 2024-08-26
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.
- CVE-2024-44565 | CRITICAL | CVSS 9.8 | EG 8.0 | 2024-08-26
Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set.
- CVE-2024-44589 | HIGH | CVSS 8.8 | EG 8.8 | 2024-09-18
Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with firmware 1.09 allows attackers to execute arbitrary code.
- CVE-2024-44674 | MEDIUM | CVSS 5.7 | EG 5.7 | 2024-10-07
D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src.
- CVE-2024-44859 | HIGH | CVSS 8.0 | EG 8.0 | 2024-09-04
Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`.
- CVE-2024-4491 | HIGH | CVSS 8.8 | EG 8.8 | 2024-05-05
A vulnerability classified as critical was found in Tenda i21 1.0.0.14(4656). This vulnerability affects the function formGetDiagnoseInfo. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be in…
- CVE-2024-4492 | HIGH | CVSS 8.8 | EG 8.8 | 2024-05-05
A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.14(4656). This issue affects the function formOfflineSet of the file /goform/setStaOffline. The manipulation of the argument GO/ssidIndex leads to stack-b…
- CVE-2024-4493 | HIGH | CVSS 8.8 | EG 8.8 | 2024-05-05
A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.14(4656). Affected is the function formSetAutoPing. The manipulation of the argument ping1/ping2 leads to stack-based buffer overflow. It is possible to launch…
- CVE-2024-4494 | HIGH | CVSS 8.8 | EG 8.8 | 2024-05-05
A vulnerability has been found in Tenda i21 1.0.0.14(4656) and classified as critical. Affected by this vulnerability is the function formSetUplinkInfo of the file /goform/setUplinkInfo. The manipulation of the argument pingHostIp2 leads t…
- CVE-2024-4495 | HIGH | CVSS 8.8 | EG 8.8 | 2024-05-05
A vulnerability was found in Tenda i21 1.0.0.14(4656) and classified as critical. Affected by this issue is the function formWifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be l…
- CVE-2024-4496 | HIGH | CVSS 8.8 | EG 8.8 | 2024-05-05
A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been classified as critical. This affects the function formWifiMacFilterSet. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to i…
- CVE-2024-4497 | HIGH | CVSS 8.8 | EG 8.8 | 2024-05-05
A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been declared as critical. This vulnerability affects the function formexeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can…
- CVE-2024-45062 | MEDIUM | CVSS 6.4 | EG 6.4 | 2025-08-19
A stack-based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer that supports IPP-over-USB can cause a buffer overflow which can lead to arbitrary code execution in a privileged servic…
- CVE-2024-45158 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-09-05
An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations…
- CVE-2024-45162 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-10-29
A stack-based buffer overflow issue was discovered in the phddns client in Blu-Castle BCUM221E 1.0.0P220507 via the password field.
- CVE-2024-45318 | HIGH | CVSS 8.1 | EG 8.1 | 2024-12-05
A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.
- CVE-2024-45413 | HIGH | CVSS 8.1 | EG 8.1 | 2024-09-16
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in rsa_decrypt function. This function is an API wrapper for LUA to decrypt RSA encrypted ciphertext, the decrypted data is stored on the stack withou…
- CVE-2024-45414 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-09-16
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. Th…
- CVE-2024-45415 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-09-16
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in check_data_integrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in …
- CVE-2024-4550 | MEDIUM | CVSS 6.7 | EG 6.7 | 2024-09-13
A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code.
- CVE-2024-45542 | HIGH | CVSS 7.8 | EG 7.8 | 2025-01-06
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
- CVE-2024-45694 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-09-16
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
- CVE-2024-45695 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-09-16
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
- CVE-2024-46044 | CRITICAL | CVSS 9.8 | EG 5.7 | 2024-09-13
CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.
- CVE-2024-46045 | CRITICAL | CVSS 9.8 | EG 5.7 | 2024-09-13
Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.
- CVE-2024-46046 | CRITICAL | CVSS 9.8 | EG 6.5 | 2024-09-13
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
- CVE-2024-46047 | HIGH | CVSS 7.5 | EG 6.5 | 2024-09-13
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function.
- CVE-2024-46049 | CRITICAL | CVSS 9.8 | EG 5.7 | 2024-09-13
Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function.
- CVE-2024-46313 | HIGH | CVSS 8.0 | EG 8.0 | 2024-09-30
TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm.
- CVE-2024-46325 | MEDIUM | CVSS 5.5 | EG 5.5 | 2024-10-07
TP-Link WR740N V6 has a stack overflow vulnerability via the ssid parameter in /userRpm/popupSiteSurveyRpm.htm url.
- CVE-2024-46435 | HIGH | CVSS 8.0 | EG 6.3 | 2025-02-10
A stack overflow vulnerability in the Tenda W18E V16.01.0.8(1625) web management portal allows an authenticated remote attacker to cause a denial of service or potentially execute arbitrary code. This vulnerability occurs due to improper i…
- CVE-2024-46546 | HIGH | CVSS 7.3 | EG 7.3 | 2025-04-22
NEXTU FLETA AX1500 WIFI6 Router v1.0.3 was discovered to contain a stack overflow via the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- CVE-2024-46663 | MEDIUM | CVSS 6.7 | EG 6.7 | 2025-03-11
A stack-buffer overflow vulnerability [CWE-121] in Fortinet FortiMail CLI version 7.6.0 through 7.6.1 and before 7.4.3 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI commands.
- CVE-2024-47072 | HIGH | CVSS 7.5 | EG 7.5 | 2024-11-08
XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the proce…