VYPR

CWE-121

Stack-based Buffer Overflow

Variant | Draft | Likelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (790)

page 37 of 40
  • CVE-2025-59801 | Med | Sep 22, 2025
    risk 0.28 | cvss 4.3 | epss 0.00

    In Artifex GhostXPS before 10.06.0, there is a stack-based buffer overflow in xps_unpredict_tiff in xpstiff.c because the samplesperpixel value is not checked.

  • CVE-2023-48906 | Med | Apr 1, 2024
    risk 0.28 | cvss 4.3 | epss 0.00

    Stack Overflow vulnerability in Btstack 1.6 and earlier allows attackers to cause a denial of service via crafted input to the char_for_nibble function.

  • CVE-2024-25137 | Med | Mar 26, 2024
    risk 0.28 | cvss 4.3 | epss 0.00

    In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by the user into a limited sized buffer on the stack which may lead to a stack overflow. The result of this stack-based buffer overflow can lead to denial-of-service conditions.

  • CVE-2026-5713 | Med | Apr 14, 2026
    risk 0.27 | cvss | epss 0.00

    The "profiling.sampling" module (Python 3.15+) and "asyncio introspection capabilities" (3.14+, "python -m asyncio ps" and "python -m asyncio pstree") features could be used to read and write addresses in a privileged process if that process connected to a malicious or…

  • CVE-2026-2016 | Med | Feb 6, 2026
    risk 0.27 | cvss 5.3 | epss 0.00

    A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack.…

  • CVE-2025-55095 | Med | Jan 27, 2026
    risk 0.27 | cvss 4.2 | epss 0.00

    The function _ux_host_class_storage_media_mount() is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs…

  • CVE-2025-15155 | Med | Dec 28, 2025
    risk 0.27 | cvss 5.3 | epss 0.00

    A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function _sg_pipeline_desc_defaults in the library sokol_gfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach.…

  • CVE-2025-15013 | Med | Dec 22, 2025
    risk 0.27 | cvss 5.3 | epss 0.00

    A vulnerability was identified in floooh sokol up to 5d11344150973f15e16d3ec4ee7550a73fb995e0. The impacted element is the function _sg_validate_pipeline_desc in the library sokol_gfx.h. Such manipulation leads to stack-based buffer overflow. The attack must be carried out…

  • CVE-2020-36855 | Med | Oct 21, 2025
    risk 0.27 | cvss 5.3 | epss 0.00

    A security vulnerability has been detected in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of the argument StorageQuota leads to stack-based buffer overflow. Local access is required to approach this attack. The…

  • CVE-2025-11012 | Med | Sep 26, 2025
    risk 0.27 | cvss 5.3 | epss 0.00

    A vulnerability was determined in BehaviorTree up to 4.7.0. This affects the function ParseScript of the file /src/script_parser.cpp of the component Diagnostic Message Handler. Executing manipulation of the argument error_msgs_buffer can lead to stack-based buffer overflow. The…

  • CVE-2025-24328 | Med | Jul 2, 2025
    risk 0.27 | cvss 4.2 | epss 0.00

    Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue…

  • CVE-2026-33536 | Med | Mar 26, 2026
    risk 0.26 | cvss 5.1 | epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in…

  • CVE-2025-9820 | Med | Jan 26, 2026
    risk 0.26 | cvss 4.0 | epss 0.00

    A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error…

  • CVE-2026-23747 | Low | Feb 26, 2026
    risk 0.24 | cvss 3.7 | epss 0.00

    Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contains a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpers copy network-supplied payload data into fixed-size stack buffers using…

  • CVE-2025-5640 | Low | Jun 5, 2025
    risk 0.24 | cvss 3.3 | epss 0.01

    A vulnerability was found in PX4-Autopilot 1.12.3. It has been classified as problematic. This affects the function MavlinkReceiver::handle_message_trajectory_representation_waypoints of the file mavlink_receiver.cpp of the component TRAJECTORY_REPRESENTATION_WAYPOINTS Message…

  • CVE-2024-53849 | Med | Nov 27, 2024
    risk 0.24 | cvss | epss 0.00

    editorconfig-core-c is the EditorConfig core library written in C (for use by plugins supporting EditorConfig parsing). In affected versions several overflows may occur in switch case '[' when the input pattern contains many escaped characters. The added backslashes leave too…

  • CVE-2025-5278 | Med | May 27, 2025
    risk 0.22 | cvss 4.4 | epss 0.00

    A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a…

  • CVE-2026-2657 | Low | Feb 18, 2026
    risk 0.21 | cvss 3.3 | epss 0.00

    A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wren_compiler.c of the component Error Message Handler. Such manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The…

  • CVE-2026-2069 | Low | Feb 6, 2026
    risk 0.21 | cvss 3.3 | epss 0.00

    A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llama_grammar_advance_stack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer overflow. The attack needs to be…

  • CVE-2025-6857 | Low | Jun 29, 2025
    risk 0.21 | cvss 3.3 | epss 0.00

    A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5G__node_cmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The…