CWE-121
Stack-based Buffer Overflow
Description
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Hierarchy (View 1000)
CVEs mapped to this weakness (790)
page 3 of 40| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-10187 | Cri | 0.64 | 9.8 | 0.01 | May 31, 2026 | A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer… | ||
| CVE-2026-8363 | — | Cri | 0.64 | 9.8 | 0.00 | May 27, 2026 | A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources: | |
| CVE-2026-8362 | — | Cri | 0.64 | 9.8 | 0.00 | May 27, 2026 | A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome | |
| CVE-2026-32661 | Cri | 0.64 | 9.8 | 0.00 | May 13, 2026 | Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to… | ||
| CVE-2026-41089 | Cri | 0.64 | 9.8 | 0.72 | May 12, 2026 | Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. | ||
| CVE-2026-7834 | Cri | 0.64 | 9.8 | 0.01 | May 5, 2026 | A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been… | ||
| CVE-2026-37539 | Cri | 0.64 | 9.8 | 0.01 | May 1, 2026 | Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted CAN FD frames. | ||
| CVE-2026-42482 | Cri | 0.64 | 9.8 | 0.00 | May 1, 2026 | A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted rule file, or via the -j or -k rule options used with password… | ||
| CVE-2026-7546 | — | Cri | 0.64 | 9.8 | 0.01 | May 1, 2026 | A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The impacted element is the function find_host_ip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely.… | |
| CVE-2026-33447 | Cri | 0.64 | 9.8 | 0.00 | Apr 30, 2026 | CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial… | ||
| CVE-2026-1951 | Cri | 0.64 | 9.8 | 0.01 | Apr 24, 2026 | Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability. | ||
| CVE-2026-1950 | Cri | 0.64 | 9.8 | 0.00 | Apr 24, 2026 | Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability. | ||
| CVE-2026-6643 | Cri | 0.64 | 9.9 | 0.00 | Apr 20, 2026 | A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf() and passing user-controlled data directly to printf(). Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker… | ||
| CVE-2026-6350 | Cri | 0.64 | 9.8 | 0.01 | Apr 16, 2026 | MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code. | ||
| CVE-2026-4567 | Cri | 0.64 | 9.8 | 0.04 | Mar 23, 2026 | A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been… | ||
| CVE-2025-15608 | Cri | 0.64 | 9.8 | 0.01 | Mar 20, 2026 | This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote… | ||
| CVE-2026-4181 | Cri | 0.64 | 9.8 | 0.01 | Mar 16, 2026 | A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack… | ||
| CVE-2026-25823 | Cri | 0.64 | 9.8 | 0.01 | Mar 13, 2026 | HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution. | ||
| CVE-2019-25365 | Cri | 0.64 | 9.8 | 0.00 | Feb 18, 2026 | ChaosPro 2.0 contains a buffer overflow vulnerability in the configuration file path handling that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious configuration file with carefully constructed payload to… | ||
| CVE-2019-25361 | Cri | 0.64 | 9.8 | 0.01 | Feb 18, 2026 | Ayukov NFTP client 1.71 contains a buffer overflow vulnerability in the SYST command handling that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted SYST command with oversized payload to trigger a buffer overflow and execute a bind shell… |
- risk 0.64cvss 9.8epss 0.01
A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer…
- risk 0.64cvss 9.8epss 0.00
A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:
- risk 0.64cvss 9.8epss 0.00
A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome
- risk 0.64cvss 9.8epss 0.00
Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to…
- risk 0.64cvss 9.8epss 0.72
Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.
- risk 0.64cvss 9.8epss 0.01
A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been…
- risk 0.64cvss 9.8epss 0.01
Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted CAN FD frames.
- risk 0.64cvss 9.8epss 0.00
A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted rule file, or via the -j or -k rule options used with password…
- risk 0.64cvss 9.8epss 0.01
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The impacted element is the function find_host_ip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely.…
- risk 0.64cvss 9.8epss 0.00
CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial…
- risk 0.64cvss 9.8epss 0.01
Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability.
- risk 0.64cvss 9.8epss 0.00
Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability.
- risk 0.64cvss 9.9epss 0.00
A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf() and passing user-controlled data directly to printf(). Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker…
- risk 0.64cvss 9.8epss 0.01
MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.
- risk 0.64cvss 9.8epss 0.04
A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been…
- risk 0.64cvss 9.8epss 0.01
This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote…
- risk 0.64cvss 9.8epss 0.01
A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack…
- risk 0.64cvss 9.8epss 0.01
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution.
- risk 0.64cvss 9.8epss 0.00
ChaosPro 2.0 contains a buffer overflow vulnerability in the configuration file path handling that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious configuration file with carefully constructed payload to…
- risk 0.64cvss 9.8epss 0.01
Ayukov NFTP client 1.71 contains a buffer overflow vulnerability in the SYST command handling that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted SYST command with oversized payload to trigger a buffer overflow and execute a bind shell…