CWE-121
Stack-based Buffer Overflow
Description
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Hierarchy (View 1000)
CVEs mapped to this weakness (790)
page 35 of 40| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-9150 | Med | 0.35 | 6.5 | 0.00 | May 20, 2026 | A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to… | ||
| CVE-2026-28221 | Med | 0.35 | 6.5 | 0.00 | Apr 29, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a stack-based buffer overflow exists in print_hex_string() in wazuh-remoted. The bug is triggered when formatting attacker-controlled bytes… | ||
| CVE-2025-7623 | Med | 0.35 | 5.4 | 0.00 | Nov 18, 2025 | Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware… | ||
| CVE-2025-7704 | Med | 0.35 | 5.4 | 0.00 | Nov 13, 2025 | Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability | ||
| CVE-2018-7527 | Med | 0.35 | 5.3 | 0.01 | Apr 26, 2018 | A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file. | ||
| CVE-2026-8258 | Med | 0.34 | 5.3 | 0.00 | May 11, 2026 | A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be… | ||
| CVE-2026-4185 | Med | 0.34 | 6.3 | 0.00 | Mar 16, 2026 | A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box. The manipulation of the argument szName results in stack-based buffer overflow.… | ||
| CVE-2026-4015 | Med | 0.34 | 5.3 | 0.00 | Mar 12, 2026 | A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack on the… | ||
| CVE-2026-3137 | Med | 0.34 | 5.3 | 0.00 | Feb 25, 2026 | A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food_ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has… | ||
| CVE-2025-9300 | Med | 0.34 | 5.3 | 0.00 | Aug 21, 2025 | A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local… | ||
| CVE-2025-9175 | Med | 0.34 | 5.3 | 0.00 | Aug 19, 2025 | A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might… | ||
| CVE-2025-8962 | Med | 0.34 | 5.3 | 0.00 | Aug 14, 2025 | A vulnerability was found in code-projects Hostel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file hostel_manage.exe of the component Login Form. The manipulation of the argument uname leads to stack-based buffer overflow. Local… | ||
| CVE-2025-8846 | Med | 0.34 | 5.3 | 0.00 | Aug 11, 2025 | A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be… | ||
| CVE-2025-8845 | Med | 0.34 | 5.3 | 0.00 | Aug 11, 2025 | A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the… | ||
| CVE-2025-3588 | Med | 0.34 | 5.3 | 0.00 | Apr 14, 2025 | A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2. This issue affects the function apply of the file org/jsonschema2pojo/rules/SchemaRule.java of the component JSON File Handler. The manipulation leads to stack-based… | ||
| CVE-2025-3196 | Med | 0.34 | 5.3 | 0.00 | Apr 4, 2025 | A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the… | ||
| CVE-2018-7513 | Med | 0.34 | 5.3 | 0.00 | Mar 21, 2018 | In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. | ||
| CVE-2026-47318 | Med | 0.33 | 6.1 | 0.00 | Jun 4, 2026 | Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035. | ||
| CVE-2024-51395 | Med | 0.33 | 6.2 | 0.00 | May 13, 2026 | Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_SmartAudio::loop, AP_SmartAudio, AP_SmartAudio.cpp components. | ||
| CVE-2026-29628 | Med | 0.33 | 6.2 | 0.00 | Apr 13, 2026 | A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via supplying a crafted .mtl file. |
- risk 0.35cvss 6.5epss 0.00
A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to…
- risk 0.35cvss 6.5epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a stack-based buffer overflow exists in print_hex_string() in wazuh-remoted. The bug is triggered when formatting attacker-controlled bytes…
- risk 0.35cvss 5.4epss 0.00
Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware…
- risk 0.35cvss 5.4epss 0.00
Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability
- risk 0.35cvss 5.3epss 0.01
A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file.
- risk 0.34cvss 5.3epss 0.00
A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be…
- risk 0.34cvss 6.3epss 0.00
A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box. The manipulation of the argument szName results in stack-based buffer overflow.…
- risk 0.34cvss 5.3epss 0.00
A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack on the…
- risk 0.34cvss 5.3epss 0.00
A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food_ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has…
- risk 0.34cvss 5.3epss 0.00
A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local…
- risk 0.34cvss 5.3epss 0.00
A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might…
- risk 0.34cvss 5.3epss 0.00
A vulnerability was found in code-projects Hostel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file hostel_manage.exe of the component Login Form. The manipulation of the argument uname leads to stack-based buffer overflow. Local…
- risk 0.34cvss 5.3epss 0.00
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be…
- risk 0.34cvss 5.3epss 0.00
A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the…
- risk 0.34cvss 5.3epss 0.00
A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2. This issue affects the function apply of the file org/jsonschema2pojo/rules/SchemaRule.java of the component JSON File Handler. The manipulation leads to stack-based…
- risk 0.34cvss 5.3epss 0.00
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the…
- risk 0.34cvss 5.3epss 0.00
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow.
- risk 0.33cvss 6.1epss 0.00
Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035.
- risk 0.33cvss 6.2epss 0.00
Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_SmartAudio::loop, AP_SmartAudio, AP_SmartAudio.cpp components.
- risk 0.33cvss 6.2epss 0.00
A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via supplying a crafted .mtl file.