Total: 2901 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-3613 | | | 2026-03-06 | 8.3 HIGH | 7.2 HIGH |
|
A vulnerability was identified in Wavlink WL-NU516U1 V240425. This vulnerability affects the function sub_401A0C of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.
|
|||||
| CVE-2025-69195 | 1 Gnu | 1 Wget2 | 2026-03-05 | N/A | 7.6 HIGH |
|
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities.
|
|||||
| CVE-2025-70223 | | | 2026-03-05 | N/A | 9.8 CRITICAL |
|
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvNetwork.
|
|||||
| CVE-2025-70218 | | | 2026-03-05 | N/A | 9.8 CRITICAL |
|
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via POST to the goform/formAdvFirewall component.
|
|||||
| CVE-2025-70219 | | | 2026-03-05 | N/A | 9.8 CRITICAL |
|
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot.
|
|||||
| CVE-2025-70220 | | | 2026-03-05 | N/A | 9.8 CRITICAL |
|
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4.
|
|||||
| CVE-2025-70226 | | | 2026-03-05 | N/A | 9.8 CRITICAL |
|
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWizard.
|
|||||
| CVE-2025-70222 | | | 2026-03-05 | N/A | 9.8 CRITICAL |
|
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin, goform/getAuthCode.
|
|||||
| CVE-2025-70221 | | | 2026-03-05 | N/A | 9.8 CRITICAL |
|
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin.
|
|||||
| CVE-2025-70225 | | | 2026-03-05 | N/A | 9.8 CRITICAL |
|
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curtime parameter to the goform/formEasySetupWWConfig component.
|
|||||
| CVE-2026-3439 | 1 Sonicwall | 33 Nsa 2700, Nsa 2800, Nsa 3700 and 30 more | 2026-03-05 | N/A | 4.9 MEDIUM |
|
A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall.
|
|||||
| CVE-2019-25434 | 1 Nsasoft | 1 Spotauditor | 2026-03-05 | N/A | 7.5 HIGH |
|
SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name field during registration to trigger an unhandled exception that crashes the application.
|
|||||
| CVE-2025-70236 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-04 | N/A | 9.8 CRITICAL |
|
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDomainFilter.
|
|||||
| CVE-2026-28422 | 1 Vim | 1 Vim | 2026-03-04 | N/A | 2.2 LOW |
|
Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue.
|
|||||
| CVE-2025-69765 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-03-04 | N/A | 7.5 HIGH |
|
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in the formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution.
|
|||||
| CVE-2025-70252 | | | 2026-03-03 | N/A | 7.5 HIGH |
|
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23_multi. The index and mode are controllable. If the conditions for sprintf are met, they will be spliced into tmp. It is worth noting that there is no size check, which leads to a stack overflow vulnerability.
|
|||||
| CVE-2026-3400 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-03-03 | 9.0 HIGH | 8.8 HIGH |
|
A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
|
|||||
| CVE-2019-25321 | 1 Internet-soft | 1 Ftp Navigator | 2026-03-03 | N/A | 9.8 CRITICAL |
|
FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.
|
|||||
| CVE-2019-25329 | 1 Internet-soft | 1 Ftp Navigator | 2026-03-03 | N/A | 7.5 HIGH |
|
FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting Structured Exception Handler (SEH) with malicious input. Attackers can generate a payload of 4108 'A' characters followed by 4 'B' characters and 40 'C' characters to trigger a program crash when pasted into the custom command input.
|
|||||
| CVE-2025-9820 | | | 2026-03-02 | N/A | 4.0 MEDIUM |
|
A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privileg ...
|
|||||
| CVE-2026-23747 | | | 2026-02-27 | N/A | 3.7 LOW |
|
Golioth Firmware SDK versions from 0.10.0 and prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpers copy network-supplied payload data into fixed-size stack buffers using memcpy() with a length derived from payload_size. The only length checks are guarded by assert(); in release builds, the asserts are compiled out and memcpy() may copy an unbounded payload_size. Payloads larger than 12 bytes (i ...
|
|||||
| CVE-2026-27821 | | | 2026-02-27 | N/A | N/A |
|
GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in `src/filters/dmx_nhml.c`. The value of the xmlHeaderEnd XML attribute is copied from att->value into szXmlHeaderEnd[1000] using strcpy() without any length validation. If the input exceeds 1000 bytes, it overwrites beyond the stack buffer boundary. Commit 9bd7137fded2db40de61a2cf3045812c8741ec52 patches the issue.
|
|||||
| CVE-2026-24497 | | | 2026-02-27 | N/A | N/A |
|
Stack-based Buffer Overflow vulnerability in SimTech Systems, Inc. ThinkWise allows Remote Code Inclusion. This issue affects ThinkWise: from 7 through 23.
|
|||||
| CVE-2019-25363 | 1 Alloksoft | 1 Wmv To Avi Mpeg Dvd Wmv Convertor | 2026-02-26 | N/A | 7.5 HIGH |
|
WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows attackers to crash the application by providing an oversized license input. Attackers can generate a 6000-byte payload and paste it into the 'License Name and License Code' field to trigger an application crash.
|
|||||
| CVE-2026-22923 | 1 Siemens | 1 Nx | 2026-02-26 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in NX (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.
|
|||||
| CVE-2026-0399 | 1 Sonicwall | 33 Nsa 2700, Nsa 2800, Nsa 3700 and 30 more | 2026-02-26 | N/A | 4.9 MEDIUM |
|
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in an API endpoint.
|
|||||
| CVE-2025-20732 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | N/A | 5.3 MEDIUM |
|
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441510; Issue ID: MSV-4139.
|
|||||
| CVE-2019-25435 | 1 Sricam | 1 Deviceviewer | 2026-02-26 | N/A | 7.8 HIGH |
|
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. Attackers can inject a malicious payload through the Username field in User Management to trigger a stack-based buffer overflow and execute commands via ROP chain gadgets.
|
|||||
| CVE-2025-37169 | 1 Arubanetworks | 1 Arubaos | 2026-02-25 | N/A | 7.2 HIGH |
|
A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system.
|
|||||
| CVE-2018-5410 | 1 Dokan-dev | 1 Dokany | 2026-02-25 | 7.2 HIGH | 7.8 HIGH |
|
Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.
|
|||||
| CVE-2026-3137 | 1 Codeastro | 1 Food Ordering System | 2026-02-25 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food_ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2026-25967 | 1 Imagemagick | 1 Imagemagick | 2026-02-25 | N/A | 7.4 HIGH |
|
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash. Version 7.1.2-15 contains a patch.
|
|||||
| CVE-2026-25968 | 1 Imagemagick | 1 Imagemagick | 2026-02-25 | N/A | 7.4 HIGH |
|
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
|
|||||
| CVE-2026-3044 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. The manipulation of the argument boundary leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2019-25364 | 1 Tabslab | 1 Mailcarrier | 2026-02-24 | N/A | 9.8 CRITICAL |
|
MailCarrier 2.51 contains a buffer overflow vulnerability in the POP3 USER command that allows remote attackers to execute arbitrary code. Attackers can send a crafted oversized buffer to the POP3 service, overwriting memory and potentially gaining remote system access.
|
|||||
| CVE-2025-69700 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2026-02-24 | N/A | 7.5 HIGH |
|
Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client_prio function, which is reachable via the formSetClientPrio CGI handler.
|
|||||
| CVE-2022-22989 | 1 Westerndigital | 11 My Cloud, My Cloud Dl2100, My Cloud Dl4100 and 8 more | 2026-02-24 | 7.5 HIGH | 9.8 CRITICAL |
|
My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues.
|
|||||
| CVE-2026-25727 | 1 Time Project | 1 Time | 2026-02-24 | N/A | 6.5 MEDIUM |
|
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary, non-malicious input will never encounter this scenario. A limit to the depth of recursion was added in v0.3.47. From this version, an er ...
|
|||||
| CVE-2020-37161 | 1 Wedding-slideshow-studio | 1 Wedding Slideshow Studio | 2026-02-24 | N/A | 9.8 CRITICAL |
|
Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the registration name field with malicious payload. Attackers can craft a specially designed payload to trigger remote code execution, demonstrating the ability to run system commands like launching the calculator.
|
|||||
| CVE-2025-12214 | 1 Tenda | 2 O3, O3 Firmware1.0.0.10\(2478\) | 2026-02-24 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was detected in Tenda O3 1.0.0.10(2478). This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing a manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
|
|||||