VYPR

CWE-121

Stack-based Buffer Overflow

VariantDraftLikelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (790)

page 8 of 40
  • CVE-2010-20107HigAug 21, 2025
    risk 0.60cvss epss 0.00

    A stack-based buffer overflow exists in FTP Synchronizer Professional <= v4.0.73.274. When the client connects to an FTP server and issues a LIST command—typically during sync preview or profile creation—the server’s response containing an overly long filename triggers a…

  • CVE-2010-20034HigAug 21, 2025
    risk 0.60cvss epss 0.00

    Gekko Manager FTP Client <= 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted response containing an overly long filename…

  • CVE-2010-20007HigAug 21, 2025
    risk 0.60cvss epss 0.00

    Seagull FTP Client <= v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application…

  • CVE-2009-20002HigAug 21, 2025
    risk 0.60cvss epss 0.00

    Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls…

  • CVE-2010-10015HigAug 21, 2025
    risk 0.60cvss epss 0.00

    AOL versions up to and including 9.5 includes an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation…

  • CVE-2011-10014HigAug 13, 2025
    risk 0.60cvss epss 0.00

    GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe)…

  • CVE-2025-34124HigJul 16, 2025
    risk 0.60cvss epss 0.00

    A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object…

  • CVE-2025-40634CriMay 20, 2025
    risk 0.60cvss epss 0.01

    Stack-based buffer overflow vulnerability in the 'conn-indicator' binary running as root on the TP-Link Archer AX50 router, in firmware versions prior to 1.0.15 build 241203 rel61480. This vulnerability allows an attacker to execute arbitrary code on the device over LAN and WAN…

  • CVE-2017-14854CriJun 3, 2019
    risk 0.60cvss 9.1epss 0.07

    A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects all versions prior to 2017-09-25.

  • CVE-2026-26241CriJun 10, 2026
    risk 0.59cvss 9.1epss 0.00

    A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later

  • CVE-2026-26240CriJun 10, 2026
    risk 0.59cvss 9.1epss 0.00

    A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later

  • CVE-2025-59383CriMar 20, 2026
    risk 0.59cvss 9.1epss 0.00

    A buffer overflow vulnerability has been reported to affect Media Streaming Add-On. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Media Streaming Add-on 500.1.1 and…

  • CVE-2025-61128CriOct 28, 2025
    risk 0.59cvss 9.1epss 0.01

    Stack-based buffer overflow vulnerability in WAVLINK QUANTUM D3G/WL-WN530HG3 firmware M30HG3_V240730, and possibly other wavlink models allows attackers to execute arbitrary code via crafted referrer value POST to login.cgi.

  • CVE-2010-20108HigAug 21, 2025
    risk 0.59cvss epss 0.00

    FTPPad <= 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to…

  • CVE-2011-10027HigAug 20, 2025
    risk 0.59cvss epss 0.00

    AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows…

  • CVE-2010-20045HigAug 20, 2025
    risk 0.59cvss epss 0.00

    FileWrangler <= 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering.…

  • CVE-2011-10012HigAug 13, 2025
    risk 0.59cvss epss 0.00

    NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an…

  • CVE-2012-10051HigAug 8, 2025
    risk 0.59cvss epss 0.00

    Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in the installation directory, the application fails to properly validate its contents, leading…

  • CVE-2025-34123HigJul 16, 2025
    risk 0.59cvss epss 0.00

    A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue occurs due to improper handling of user-supplied data in the XML 'Name' attribute, leading to an SEH overwrite condition. An…

  • CVE-2024-28038CriNov 26, 2024
    risk 0.59cvss 9.0epss 0.03

    The web interface of the affected devices processes a cookie value improperly, leading to a stack buffer overflow. More precisely, giving too long character string to MFPSESSIONID parameter results in a stack buffer overflow. As for the details of affected product names, model…