VYPR

CWE-121

Stack-based Buffer Overflow

VariantDraftLikelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (790)

page 14 of 40
  • CVE-2026-7470HigApr 30, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. Affected is the function sub_427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has…

  • CVE-2026-7151HigApr 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6Routing. This manipulation of the argument destNet causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2026-7035HigApr 26, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely.…

  • CVE-2026-7034HigApr 26, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the argument Go results in stack-based buffer overflow. The attack may be initiated…

  • CVE-2026-41681CriApr 24, 2026
    risk 0.57cvss 9.8epss 0.00

    rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVP_DigestFinal() always writes EVP_MD_CTX_size(ctx) to the out buffer. If out is smaller than that, MdCtxRef::digest_final() writes past its end, usually corrupting the…

  • CVE-2026-40892CriApr 21, 2026
    risk 0.57cvss 9.8epss 0.00

    PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsip_auth_create_digest2() in PJSIP when using pre-computed digest credentials (PJSIP_CRED_DATA_DIGEST). The function copies credential data…

  • CVE-2026-32955HigApr 20, 2026
    risk 0.57cvss 8.8epss 0.01

    SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.

  • CVE-2026-4682HigApr 15, 2026
    risk 0.57cvss epss 0.00

    Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices (WSD) scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network…

  • CVE-2026-6200HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebtypelibrary of the file /goform/webtypelibrary. This manipulation of the argument menufacturer/Go causes stack-based buffer overflow. The attack can be initiated remotely. The…

  • CVE-2026-6199HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public…

  • CVE-2026-6198HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The…

  • CVE-2026-6197HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.00

    A flaw has been found in Tenda F456 1.0.0.5. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Executing a manipulation of the argument mit_ssid can lead to stack-based buffer overflow. The attack may be performed from remote. The…

  • CVE-2026-6196HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument cmdinput results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit…

  • CVE-2026-6194HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.00

    A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub_410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow.…

  • CVE-2026-6168HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid5g causes stack-based buffer overflow. Remote exploitation of the attack is possible. The…

  • CVE-2026-6137HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument wanmode/PPPOEPassword results in stack-based buffer overflow. It is possible to launch the attack…

  • CVE-2026-6136HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.01

    A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has…

  • CVE-2026-6135HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be performed from remote. The…

  • CVE-2026-6134HigApr 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Performing a manipulation of the argument qos results in stack-based buffer overflow. The attack is possible to be carried…

  • CVE-2026-6133HigApr 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is…