VYPR

CWE-121

Stack-based Buffer Overflow

Variant | Draft | Likelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (790)

  • CVE-2026-10064 | Med | May 29, 2026
    risk 0.41 | cvss 6.3 | epss 0.00

    A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special_name results in stack-based buffer overflow. It is possible to initiate the attack…

  • CVE-2026-8733 | Med | May 17, 2026
    risk 0.41 | cvss 6.3 | epss 0.00

    A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has…

  • CVE-2026-3697 | Med | Mar 8, 2026
    risk 0.41 | cvss 6.3 | epss 0.00

    A vulnerability was determined in Planet ICG-2510 1.0_20250811. The impacted element is the function sub_40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer…

  • CVE-2026-2930 | Med | Feb 22, 2026
    risk 0.41 | cvss 6.3 | epss 0.00

    A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be…

  • CVE-2025-3409 | Med | Apr 8, 2025
    risk 0.41 | cvss 6.3 | epss 0.00

    A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stb_include_string. The manipulation of the argument path_to_includes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product…

  • CVE-2024-31803 | Med | May 14, 2024
    risk 0.41 | cvss 6.2 | epss 0.00

    Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attacker to execute arbitrary code via the FerretCOT::read_pre_data128_from_file function.

  • CVE-2022-32502 | Med | May 14, 2024
    risk 0.41 | cvss 6.3 | epss 0.01

    An issue was discovered on certain Nuki Home Solutions devices. There is a buffer overflow over the encrypted token parsing logic in the HTTP service that allows remote code execution. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2.

  • CVE-2018-14792 | Med | Sep 19, 2018
    risk 0.41 | cvss 6.3 | epss 0.01

    WECON PLC Editor version 1.3.3U may allow an attacker to execute code under the current process when processing project files.

  • CVE-2017-7936 | Med | Aug 7, 2017
    risk 0.41 | cvss 6.3 | epss 0.00

    A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device…

  • CVE-2024-48519 | Med | May 13, 2026
    risk 0.40 | cvss 6.2 | epss 0.00

    Buffer Overflow vulnerability in Ardupilot rover commit v.c56439b045162058df0ff136afea3081fcd06d38 allows a local attacker to cause a denial of service via the AP_InertialSensor_ADIS1647x.cpp, ArduRover, ADIS1647x Sensor component.

  • CVE-2026-28897 | Med | May 11, 2026
    risk 0.40 | cvss 6.2 | epss 0.00

    A buffer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A local user may be able to cause…

  • CVE-2019-25437 | Med | Feb 20, 2026
    risk 0.40 | cvss 6.2 | epss 0.00

    Foscam Video Management System 1.1.6.6 contains a buffer overflow vulnerability in the UID field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 5000-character buffer into the UID parameter during device…

  • CVE-2020-37128 | Med | Feb 5, 2026
    risk 0.40 | cvss 6.2 | epss 0.00

    ZOC Terminal 7.25.5 contains a script processing vulnerability that allows local attackers to crash the application by loading a maliciously crafted REXX script file. Attackers can generate an oversized script with 20,000 repeated characters to trigger an application crash and…

  • CVE-2025-15555 | Hig | Feb 4, 2026
    risk 0.40 | cvss 7.3 | epss 0.01

    A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hss_ogs_diam_cx_mar_cb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGS_KEY_LEN results in stack-based buffer…

  • CVE-2025-12143 | Med | Nov 28, 2025
    risk 0.40 | cvss 6.1 | epss 0.00

    Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox. This issue affects Terra AC wallbox: through 1.8.33.

  • CVE-2025-12464 | Med | Oct 31, 2025
    risk 0.40 | cvss 6.2 | epss 0.00

    A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in…

  • CVE-2024-41166 | Med | Feb 12, 2025
    risk 0.40 | cvss 6.1 | epss 0.00

    Stack-based buffer overflow in some Intel(R) PROSet/Wireless WiFi and Killer™ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2024-7784 | Med | Sep 10, 2024
    risk 0.40 | cvss 6.1 | epss 0.00

    During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no…

  • CVE-2024-38443 | Med | Jun 16, 2024
    risk 0.40 | cvss 6.2 | epss 0.00

    C/sorting/binary_insertion_sort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements.

  • CVE-2024-29421 | Med | May 22, 2024
    risk 0.40 | cvss 6.2 | epss 0.00

    xmedcon 0.23.0 and fixed in v.0.24.0 is vulnerable to Buffer Overflow via libs/dicom/basic.c which allows an attacker to execute arbitrary code.