Loading...
Loading...
3,127 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyCfg function.
TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiGuestCfg function.
TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiBasicCfg function.
TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyGuestCfg function.
ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an authenticated stack overflow via the torrentsindex parameter in the formBTClinetSetting function.
ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an authenticated stack overflow via the targetAPMac parameter in the formWsc function.
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface.
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the static_dns1 parameter in the formIpv6Setup interface.
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function.
When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not …
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (like ifconfig) from the net-tools package…
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must …
Memory corruption while processing control commands in the virtual memory management interface.
Memory corruption while processing client message during device management.
Memory corruption while processing a frame request from user.
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code exec…
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execu…
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = …
A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function fromSafeSetMacFilter of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buf…
A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboot_time leads …
A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this issue is the function sub_404780 of the file /bin/gpio. The manipulation of the argument CameraName leads to stack-based buffer overflow. The…
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. This vulnerability affects the function isUCPCameraNameChanged of the file /sbin/ucp. The manipulation of the argument CameraName leads to stack-based …
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. This affects the function SubUPnPCSInit of the file /sbin/udev. The manipulation of the argument CameraName leads to stack-based buffer overflow. It …
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have …
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fi…
A flaw was found in GIMP. The GIMP ani_load_image() function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to …
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp of the file /ctxz.asp of the component Connection Limit Page. The manipulation of the argument def/d…
A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-b…
A vulnerability was found in code-projects Police Station Management System 1.0. It has been declared as critical. Affected by this vulnerability is the function criminal::remove of the file source.cpp of the component Delete Record. The m…
Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact…
Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact…
Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact…
PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote a…
Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter.
A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENT_TYPE HTTP header in…
A buffer overflow vulnerability exists in the fromNatStaticSetting function of Tenda AC6 <=V15.03.05.19 via the page parameter.
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thd_group.asp endpoint.
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint.
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom_error parameter in the /user.asp endpoint.
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_member.asp endpoint.
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /url_rule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parame…
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_group.asp endpoint.
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usb_paswd.asp endpoint.
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters n…
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_ref.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with excessively lon…
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflo…
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →