VYPR

CWE-121

Stack-based Buffer Overflow

VariantDraftLikelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (790)

page 35 of 40
  • CVE-2026-9150MedMay 20, 2026
    risk 0.35cvss 6.5epss 0.00

    A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to…

  • CVE-2026-28221MedApr 29, 2026
    risk 0.35cvss 6.5epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a stack-based buffer overflow exists in print_hex_string() in wazuh-remoted. The bug is triggered when formatting attacker-controlled bytes…

  • CVE-2025-7623MedNov 18, 2025
    risk 0.35cvss 5.4epss 0.00

    Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware…

  • CVE-2025-7704MedNov 13, 2025
    risk 0.35cvss 5.4epss 0.00

    Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability

  • CVE-2018-7527MedApr 26, 2018
    risk 0.35cvss 5.3epss 0.01

    A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file.

  • CVE-2026-8258MedMay 11, 2026
    risk 0.34cvss 5.3epss 0.00

    A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be…

  • CVE-2026-4185MedMar 16, 2026
    risk 0.34cvss 6.3epss 0.00

    A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box. The manipulation of the argument szName results in stack-based buffer overflow.…

  • CVE-2026-4015MedMar 12, 2026
    risk 0.34cvss 5.3epss 0.00

    A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack on the…

  • CVE-2026-3137MedFeb 25, 2026
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food_ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has…

  • CVE-2025-9300MedAug 21, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local…

  • CVE-2025-9175MedAug 19, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might…

  • CVE-2025-8962MedAug 14, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in code-projects Hostel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file hostel_manage.exe of the component Login Form. The manipulation of the argument uname leads to stack-based buffer overflow. Local…

  • CVE-2025-8846MedAug 11, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be…

  • CVE-2025-8845MedAug 11, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the…

  • CVE-2025-3588MedApr 14, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2. This issue affects the function apply of the file org/jsonschema2pojo/rules/SchemaRule.java of the component JSON File Handler. The manipulation leads to stack-based…

  • CVE-2025-3196MedApr 4, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the…

  • CVE-2018-7513MedMar 21, 2018
    risk 0.34cvss 5.3epss 0.00

    In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow.

  • CVE-2026-47318MedJun 4, 2026
    risk 0.33cvss 6.1epss 0.00

    Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035.

  • CVE-2024-51395MedMay 13, 2026
    risk 0.33cvss 6.2epss 0.00

    Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_SmartAudio::loop, AP_SmartAudio, AP_SmartAudio.cpp components.

  • CVE-2026-29628MedApr 13, 2026
    risk 0.33cvss 6.2epss 0.00

    A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via supplying a crafted .mtl file.