VYPR

CWE-121

Stack-based Buffer Overflow

VariantDraftLikelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (790)

page 30 of 40
  • CVE-2024-38509HigJul 26, 2024
    risk 0.47cvss 7.2epss 0.01

    A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to execute arbitrary code via a specially crafted IPMI command.

  • CVE-2024-31163HigJun 14, 2024
    risk 0.47cvss 7.2epss 0.01

    ASUS Download Master has a buffer overflow vulnerability. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the device.

  • CVE-2024-3079HigJun 14, 2024
    risk 0.47cvss 7.2epss 0.01

    Certain models of ASUS routers have buffer overflow vulnerabilities, allowing remote attackers with administrative privileges to execute arbitrary commands on the device.

  • CVE-2026-49759HigJun 10, 2026
    risk 0.46cvss 8.2epss 0.01

    Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctp_parse_error_chunk function in erts/emulator/drivers/common/inet_drv.c parses SCTP ERROR chunks…

  • CVE-2026-9669HigJun 8, 2026
    risk 0.46cvss epss 0.00

    bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to…

  • CVE-2026-6665HigMay 9, 2026
    risk 0.46cvss 8.1epss 0.00

    The SCRAM code in PgBouncer before 1.25.2 did not check the return value of strlcat() correctly when building the contents of the SCRAM client-final-message. A malicious backend that sends a SCRAM server-final-message with a long nonce can trigger a stack overflow.

  • CVE-2026-32195HigApr 14, 2026
    risk 0.46cvss 7.0epss 0.00

    Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2025-26386HigJan 28, 2026
    risk 0.46cvss epss 0.00

    Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior. Successful exploitation of this vulnerability could result in failure within the operating system of…

  • CVE-2025-23388HigApr 11, 2025
    risk 0.46cvss 8.2epss 0.01

    A Stack-based Buffer Overflow vulnerability in SUSE rancher allows for denial of service.This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.

  • CVE-2024-55577HigJan 15, 2025
    risk 0.46cvss 7.0epss 0.00

    Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the software processes a file which is specially crafted by an attacker, arbitrary code may be executed. As a result, the attacker may obtain or alter information of the user environment or…

  • CVE-2026-54502higJun 19, 2026
    risk 0.45cvss epss

    ### Summary `Oj.dump` is vulnerable to a stack-based buffer overflow when a large `:indent` value is provided by the developer. `fill_indent` in `dump.h` calls `memset(indent_str, ' ', (size_t)opts->indent)` without validating the size. When `opts->indent` is set to `INT_MAX`…

  • CVE-2026-5295HigApr 9, 2026
    risk 0.45cvss 8.0epss 0.00

    A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wc_PKCS7_DecryptOri() function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo (ORI) recipient, the function copies an ASN.1-parsed OID into a fixed…

  • CVE-2025-59365MedNov 25, 2025
    risk 0.45cvss epss 0.00

    A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router…

  • CVE-2024-41882MedDec 24, 2024
    risk 0.45cvss epss 0.01

    Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot. The manufacturer has released patch firmware for…

  • CVE-2024-56139MedDec 17, 2024
    risk 0.45cvss epss 0.00

    pdftools is a high level tools to convert PDF files to ePUB formats. In versions up to and including 0.5.0 maliciously crafted epub files can cause a stack overflow leading to a crash. This issue has not yet been addressed and users are advised to avoid untrusted input to their…

  • CVE-2024-23933MedSep 23, 2024
    risk 0.45cvss 6.8epss 0.01

    Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this…

  • CVE-2017-14016MedNov 6, 2017
    risk 0.45cvss 6.3epss 0.16

    A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary…

  • CVE-2026-6240MedJun 6, 2026
    risk 0.44cvss epss 0.00

    A stack-based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF DeleteUsers service, due to insufficient boundary checks when handling multiple user deletion parameters. An authenticated attacker can send a crafted malicious request containing an excessive…

  • CVE-2026-6239MedJun 6, 2026
    risk 0.44cvss epss 0.00

    A stack‑based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF CreateUsers service, where the device fails to properly validate the number of XML user nodes during request processing. An authenticated attacker can send a specially crafted ONVIF request…

  • CVE-2025-59613MedJun 1, 2026
    risk 0.44cvss 6.7epss 0.00

    Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.