CWE-121— Stack-based Buffer Overflow
3,127 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 49 of 63
- CVE-2025-51082MEDIUMCVSS 5.3EG 5.32025-07-24
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/fast_setting_wifi_set. The manipulation of the argument `timeZone` leads to stack-based buffer overflow.
- CVE-2025-51085MEDIUMCVSS 5.3EG 5.32025-07-24
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone` and `timeType` leads to stack-based buffer overflow.
- CVE-2025-51087HIGHCVSS 8.6EG 8.62025-07-24
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow.
- CVE-2025-51088MEDIUMCVSS 5.3EG 5.32025-07-24
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow.
- CVE-2025-51383LOWCVSS 3.5EG 3.52025-07-31
D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter.
- CVE-2025-51384LOWCVSS 3.5EG 3.52025-07-31
D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.
- CVE-2025-51385LOWCVSS 3.5EG 3.52025-07-31
D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz_dlink_asp function via the id parameter.
- CVE-2025-51495HIGHCVSS 7.5EG 7.52025-09-29
An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component…
- CVE-2025-52080MEDIUMCVSS 6.5EG 6.52025-07-15
In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the share_name parameter.
- CVE-2025-52081MEDIUMCVSS 6.5EG 6.52025-07-15
In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the usb_folder parameter.
- CVE-2025-52082MEDIUMCVSS 6.5EG 6.52025-07-15
In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the read_access parameter.
- CVE-2025-5215HIGHCVSS 8.8EG 8.82025-05-27
A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. This affects the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the argument Authorization leads to stack-based buffer overflow. It …
- CVE-2025-52194HIGHCVSS 7.5EG 7.52025-08-21
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample ra…
- CVE-2025-5228HIGHCVSS 8.8EG 8.82025-05-27
A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-…
- CVE-2025-52539HIGHCVSS 7.3EG 7.32025-11-24
A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt data from the advanced extensible interface (AXI), potentially resulting in loss of confidentiality, integrity, and/or availability.
- CVE-2025-5278MEDIUMCVSS 4.4EG 4.42025-05-27
A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key form…
- CVE-2025-5297MEDIUMCVSS 5.3EG 5.32025-05-28
A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipulation of the argument laptopcompany/RAM/Processor leads to st…
- CVE-2025-52999HIGHCVSS 8.7EG 0.02025-06-25
jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end u…
- CVE-2025-53009HIGHCVSS 7.5EG 7.52025-08-01
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the Mat…
- CVE-2025-53022HIGHCVSS 8.6EG 8.62025-07-30
TrustedFirmware-M (aka Trusted Firmware for M profile Arm CPUs) before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade (FWU) module does not validate the le…
- CVE-2025-53171MEDIUMCVSS 4.0EG 4.02025-07-07
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
- CVE-2025-53172MEDIUMCVSS 4.0EG 4.02025-07-07
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
- CVE-2025-53173MEDIUMCVSS 5.3EG 5.32025-07-07
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
- CVE-2025-53174MEDIUMCVSS 4.0EG 4.02025-07-07
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
- CVE-2025-53175MEDIUMCVSS 4.0EG 4.02025-07-07
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
- CVE-2025-53176LOWCVSS 3.3EG 3.32025-07-07
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
- CVE-2025-53418HIGHCVSS 8.6EG 8.62025-08-26
Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability.
- CVE-2025-53521CRITICALCVSS 9.8EG 9.8⚠ KEV2025-10-15
When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
- CVE-2025-53593MEDIUMCVSS 6.5EG 6.52026-01-02
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have …
- CVE-2025-53597MEDIUMCVSS 6.5EG 6.52026-01-02
A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulner…
- CVE-2025-53843HIGHCVSS 7.5EG 7.52025-11-18
A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to execute unauthorized code or …
- CVE-2025-54099HIGHCVSS 7.0EG 7.02025-09-09
Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2025-54274HIGHCVSS 7.8EG 7.82025-10-14
Substance3D - Viewer versions 0.25.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac…
- CVE-2025-54328CRITICALCVSS 10.0EG 10.02026-04-06
An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A …
- CVE-2025-54399HIGHCVSS 8.8EG 8.82025-10-07
Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a serie…
- CVE-2025-54400HIGHCVSS 8.8EG 8.82025-10-07
Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a serie…
- CVE-2025-54401HIGHCVSS 8.8EG 8.82025-10-07
Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a serie…
- CVE-2025-54402HIGHCVSS 8.8EG 8.82025-10-07
Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a serie…
- CVE-2025-54480CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54481CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54482CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54483CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54484CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54485CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54486CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54487CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54488CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54489CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54490CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
- CVE-2025-54491CRITICALCVSS 9.8EG 9.82025-08-25
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pr…
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →