VYPR

CWE-121

Stack-based Buffer Overflow

Variant | Draft | Likelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (790)

  • CVE-2019-25319 | Critical | Feb 12, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the 'Domain Name Keywords' input field to trigger…

  • CVE-2020-37184 | Critical | Feb 11, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    Allok Video Converter 4.6.1217 contains a stack overflow vulnerability in the License Name input field that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite SEH handlers and execute system commands by injecting malicious…

  • CVE-2020-37183 | Critical | Feb 11, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload in the License Name input field to…

  • CVE-2020-37181 | Critical | Feb 11, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    Torrent FLV Converter 1.51 Build 117 contains a stack overflow vulnerability that allows attackers to overwrite Structured Exception Handler (SEH) through a malicious registration code input. Attackers can craft a payload with specific offsets and partial SEH overwrite…

  • CVE-2020-37176 | Critical | Feb 11, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    Torrent 3GP Converter 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the application's registration dialog to trigger code…

  • CVE-2026-22904 | Critical | Feb 9, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution.

  • CVE-2026-22903 | Critical | Feb 9, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the modified lighttpd server, causing it to crash and potentially enabling remote code execution due to missing stack…

  • CVE-2020-37159 | Critical | Feb 7, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory registers in the alarm scheduling feature. Attackers can craft a malicious payload exceeding 260 bytes to overwrite EIP and EBP, enabling…

  • CVE-2020-37095 | Critical | Feb 7, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) memory. Attackers can craft a malicious input in the 'Cyberoam Server Address' field to…

  • CVE-2020-37138 | Critical | Feb 5, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    10-Strike Network Inventory Explorer 9.03 contains a buffer overflow vulnerability in the file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious text file with carefully constructed payload to trigger a stack-based…

  • CVE-2020-37126 | Critical | Feb 5, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    Free Desktop Clock 3.0 contains a stack overflow vulnerability in the Time Zones display name input that allows attackers to overwrite Structured Exception Handler (SEH) registers. Attackers can exploit the vulnerability by crafting a malicious Unicode input that triggers an…

  • CVE-2020-37124 | Critical | Feb 5, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute…

  • CVE-2020-37120 | Critical | Feb 5, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    Rubo DICOM Viewer 2.0 contains a buffer overflow vulnerability in the DICOM server name input field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious text file with carefully constructed payload to execute arbitrary code by…

  • CVE-2020-37066 | Critical | Feb 3, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    GoldWave 5.70 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting malicious input in the File Open URL dialog. Attackers can generate a specially crafted text file with Unicode-encoded shellcode to trigger a stack-based overflow…

  • CVE-2026-24465 | Critical | Feb 3, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.

  • CVE-2020-37000 | Critical | Jan 29, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    Free MP3 CD Ripper 2.8 contains a stack buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting a malicious WAV file with oversized payload. Attackers can leverage a specially crafted exploit file with shellcode, SEH bypass, and egghunter…

  • CVE-2020-36997 | Critical | Jan 29, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler (SEH) chain through malicious file import. Attackers can craft a specially designed payload file to overwrite SEH addresses, potentially executing…

  • CVE-2020-36967 | Critical | Jan 28, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler (SEH) overwrite and execute…

  • CVE-2020-36961 | Critical | Jan 28, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    10-Strike Network Inventory Explorer 8.65 contains a buffer overflow vulnerability in exception handling that allows remote attackers to execute arbitrary code. Attackers can craft a malicious file with 209 bytes of padding and a specially constructed Structured Exception…

  • CVE-2026-22189 | Critical | Jan 7, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf() call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph…