Search Results (3823 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-25454 1 Tenda 2 Ac10, Ac10 Firmware 2025-04-22 7.5 High
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanSpeed2.
CVE-2025-25455 1 Tenda 2 Ac10, Ac10 Firmware 2025-04-22 7.5 High
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanMTU2.
CVE-2022-46340 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2025-04-22 8.8 High
A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order.
CVE-2024-20130 2 Google, Mediatek 30 Android, Mt6739, Mt6761 and 27 more 2025-04-22 6.7 Medium
In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09193374; Issue ID: MSV-1982.
CVE-2024-27655 1 Dlink 3 Dir-823 Firmware, Dir-823g, Dir-823g Firmware 2025-04-21 8.8 High
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
CVE-2024-27656 1 Dlink 3 Dir-823 Firmware, Dir-823g, Dir-823g Firmware 2025-04-21 8.8 High
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
CVE-2024-27657 1 Dlink 3 Dir-823 Firmware, Dir-823g, Dir-823g Firmware 2025-04-21 8.8 High
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
CVE-2025-0438 1 Google 1 Chrome 2025-04-21 8.8 High
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-38751 3 Debian, Redhat, Snakeyaml Project 9 Debian Linux, Amq Broker, Camel Spring Boot and 6 more 2025-04-21 6.5 Medium
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
CVE-2022-40149 3 Debian, Jettison Project, Redhat 11 Debian Linux, Jettison, Amq Streams and 8 more 2025-04-21 6.5 Medium
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
CVE-2022-41664 1 Siemens 2 Jt2go, Teamcenter Visualization 2025-04-21 7.8 High
A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
CVE-2015-4646 1 Squashfs Project 1 Squashfs 2025-04-20 7.5 High
(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input.
CVE-2017-14265 1 Libraw 1 Libraw 2025-04-20 N/A
A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.
CVE-2017-10806 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 5.5 Medium
Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages.
CVE-2017-6035 1 We-con 1 Levi Studio Hmi Editor 2025-04-20 N/A
A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow, which could result in denial of service when a malicious project file is run on the system.
CVE-2017-7910 1 Digital Canal Structural 1 Wind Analysis 2025-04-20 N/A
A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service attack.
CVE-2017-13999 1 We-con 1 Levi Studio Hmi Editor 2025-04-20 N/A
A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory; the attacker may then be able to crash the application or run arbitrary code.
CVE-2017-3195 1 Commvault 1 Edge 2025-04-20 9.8 Critical
Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execution with administrative privileges.
CVE-2017-1000251 4 Debian, Linux, Nvidia and 1 more 17 Debian Linux, Linux Kernel, Jetson Tk1 and 14 more 2025-04-20 8.0 High
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
CVE-2016-10095 1 Libtiff 1 Libtiff 2025-04-20 N/A
Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7 and 4.0.8 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.