VYPR
Get started

CWE-121

Stack-based Buffer Overflow

VariantDraftLikelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (538)

page 27 of 27
CVESevRiskCVSSEPSSKEVPublishedDescription
CVE-2025-6170Low0.162.50.00Jun 16, 2025A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.
CVE-2025-7844Low0.070.00Aug 4, 2025Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default `MAX_RSA_KEY_BITS=2048` is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than 2048 bits and your application calls `wolfTPM2_RsaKey_TpmToWolf` on that key, then a stack buffer could be overrun. If the `MAX_RSA_KEY_BITS` build-time macro is set correctly (RSA bits match what TPM hardware is capable of) for the hardware target, then a stack overrun is not possible.
CVE-2014-07870.070.51Apr 12, 2014Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet.
CVE-2014-23640.060.40Jul 19, 2014Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-07820.060.40May 16, 2014Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier allows remote attackers to execute arbitrary code via a crafted packet.
CVE-2014-07840.030.02Mar 14, 2014Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-07830.030.05Mar 14, 2014Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-91900.010.06Jan 10, 2015Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist.
CVE-2014-92000.000.02Feb 1, 2015Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2014-54070.000.00Sep 15, 2014Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2) disturbance recording file.
CVE-2014-07700.000.01Apr 12, 2014By providing an overly long string to the UserName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely.
CVE-2014-07680.000.01Apr 12, 2014An attacker may pass an overly long value from the AccessCode2 argument to the control to overflow the static stack buffer. The attacker may then remotely execute arbitrary code.
CVE-2014-07670.000.01Apr 12, 2014An attacker may exploit this vulnerability by passing an overly long value from the AccessCode argument to the control. This will overflow the static stack buffer. The attacker may then execute code on the target device remotely.
CVE-2014-07660.000.01Apr 12, 2014An attacker can exploit this vulnerability by copying an overly long NodeName2 argument into a statically sized buffer on the stack to overflow the static stack buffer. An attacker may use this vulnerability to remotely execute arbitrary code.
CVE-2014-07650.000.01Apr 12, 2014To exploit this vulnerability, the attacker sends data from the GotoCmd argument to control. If the value of the argument is overly long, the static stack buffer can be overflowed. This will allow the attacker to execute arbitrary code remotely.
CVE-2014-07640.000.01Apr 12, 2014By providing an overly long string to the NodeName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely.
CVE-2014-07740.000.00Feb 28, 2014Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file.
CVE-2014-07530.000.03Jan 21, 2014Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the IntegraXor directory.