CWE-121
Stack-based Buffer Overflow
Description
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Hierarchy (View 1000)
CVEs mapped to this weakness (790)
page 28 of 40| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-37122 | Hig | 0.49 | 7.5 | 0.00 | Feb 7, 2026 | SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the… | ||
| CVE-2020-37136 | Hig | 0.49 | 7.5 | 0.00 | Feb 5, 2026 | ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. Attackers can overwrite the private key file input with a 2000-byte buffer, causing the application to become unresponsive when… | ||
| CVE-2025-58413 | Hig | 0.49 | 7.5 | 0.00 | Nov 18, 2025 | A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to… | ||
| CVE-2025-53843 | Hig | 0.49 | 7.5 | 0.01 | Nov 18, 2025 | A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets | ||
| CVE-2025-11678 | Hig | 0.49 | — | 0.00 | Oct 20, 2025 | Stack-based Buffer Overflow in lws_adns_parse_label in warmcat libwebsockets allows, when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilation, to overflow the label_stack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id… | ||
| CVE-2023-28760 | Hig | 0.49 | 7.5 | 0.03 | Oct 2, 2025 | TP-Link AX1800 WiFi 6 Router (Archer AX21) devices allow unauthenticated attackers (on the LAN) to execute arbitrary code as root via the db_dir field to minidlnad. The attacker obtains the ability to modify files.db, and that can be used to reach a stack-based buffer overflow… | ||
| CVE-2025-6073 | Hig | 0.49 | 7.5 | 0.00 | Jul 3, 2025 | Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can… | ||
| CVE-2025-6072 | Hig | 0.49 | 7.5 | 0.00 | Jul 3, 2025 | Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of… | ||
| CVE-2024-53621 | Hig | 0.49 | 7.5 | 0.00 | Jun 30, 2025 | A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 11ac US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||
| CVE-2024-3286 | Hig | 0.49 | 7.5 | 0.00 | May 16, 2024 | A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request. | ||
| CVE-2018-1125 | Hig | 0.49 | 7.5 | 0.02 | May 23, 2018 | procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is… | ||
| CVE-2018-5452 | Hig | 0.49 | 7.5 | 0.02 | Mar 7, 2018 | A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted… | ||
| CVE-2017-7910 | Hig | 0.49 | 7.5 | 0.02 | Jun 14, 2017 | A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service attack. | ||
| CVE-2026-49014 | Hig | 0.48 | 7.4 | 0.00 | May 27, 2026 | In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an… | ||
| CVE-2026-12200 | Hig | 0.47 | 7.3 | 0.00 | Jun 15, 2026 | A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1.94 on Win32. This impacts an unknown function in the library libeay32.dll.html of the component Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The… | ||
| CVE-2025-66280 | Hig | 0.47 | 7.2 | 0.00 | Jun 10, 2026 | An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the… | ||
| CVE-2026-30649 | Hig | 0.47 | 7.3 | 0.00 | Jun 2, 2026 | Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component | ||
| CVE-2026-24085 | Hig | 0.47 | 7.2 | 0.00 | Jun 1, 2026 | Memory Corruption when processing display command line information due to improper initialization of a variable. | ||
| CVE-2026-38422 | Hig | 0.47 | 7.3 | 0.01 | May 27, 2026 | Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmota_xdrv_driver/xdrv_10_scripter.ino, fetch_jpg() function. | ||
| CVE-2026-44859 | Hig | 0.47 | 7.2 | 0.00 | May 12, 2026 | Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these… |
- risk 0.49cvss 7.5epss 0.00
SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the…
- risk 0.49cvss 7.5epss 0.00
ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. Attackers can overwrite the private key file input with a 2000-byte buffer, causing the application to become unresponsive when…
- risk 0.49cvss 7.5epss 0.00
A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to…
- risk 0.49cvss 7.5epss 0.01
A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets
- risk 0.49cvss —epss 0.00
Stack-based Buffer Overflow in lws_adns_parse_label in warmcat libwebsockets allows, when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilation, to overflow the label_stack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id…
- risk 0.49cvss 7.5epss 0.03
TP-Link AX1800 WiFi 6 Router (Archer AX21) devices allow unauthenticated attackers (on the LAN) to execute arbitrary code as root via the db_dir field to minidlnad. The attacker obtains the ability to modify files.db, and that can be used to reach a stack-based buffer overflow…
- risk 0.49cvss 7.5epss 0.00
Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can…
- risk 0.49cvss 7.5epss 0.00
Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of…
- risk 0.49cvss 7.5epss 0.00
A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 11ac US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request.
- risk 0.49cvss 7.5epss 0.02
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is…
- risk 0.49cvss 7.5epss 0.02
A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted…
- risk 0.49cvss 7.5epss 0.02
A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service attack.
- risk 0.48cvss 7.4epss 0.00
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an…
- risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1.94 on Win32. This impacts an unknown function in the library libeay32.dll.html of the component Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The…
- risk 0.47cvss 7.2epss 0.00
An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the…
- risk 0.47cvss 7.3epss 0.00
Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component
- risk 0.47cvss 7.2epss 0.00
Memory Corruption when processing display command line information due to improper initialization of a variable.
- risk 0.47cvss 7.3epss 0.01
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmota_xdrv_driver/xdrv_10_scripter.ino, fetch_jpg() function.
- risk 0.47cvss 7.2epss 0.00
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these…