Total
2767 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23934 | 2025-08-26 | N/A | 8.8 HIGH | ||
| Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WMV/ASF files. A crafted Extended Content Description Object in a WMV media file can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. . Was ZDI-CAN-22994. | |||||
| CVE-2024-23933 | 2025-08-26 | N/A | 6.8 MEDIUM | ||
| Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Apple CarPlay protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23238 | |||||
| CVE-2025-53418 | 2025-08-26 | N/A | 8.6 HIGH | ||
| Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability. | |||||
| CVE-2014-0753 | 1 Ecava | 1 Integraxor | 2025-08-26 | 7.8 HIGH | N/A |
| Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the IntegraXor directory. | |||||
| CVE-2025-9299 | 1 Tenda | 2 M3, M3 Firmware | 2025-08-25 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in Tenda M3 1.0.0.12. Affected by this vulnerability is the function formGetMasterPassengerAnalyseData of the file /goform/getMasterPassengerAnalyseData. The manipulation of the argument Time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-9298 | 1 Tenda | 2 M3, M3 Firmware | 2025-08-25 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda M3 1.0.0.12. Affected is the function formQuickIndex of the file /goform/QuickIndex. Executing manipulation of the argument PPPOEPassword can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. | |||||
| CVE-2025-55482 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-08-25 | N/A | 7.5 HIGH |
| Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function. | |||||
| CVE-2025-55498 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-08-25 | N/A | 7.5 HIGH |
| Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function. | |||||
| CVE-2010-20049 | 2025-08-22 | N/A | N/A | ||
| LeapFTP < 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application fails to properly bound-check the input and overwrites the Structured Exception Handler (SEH) chain. This allows an attacker operating a malicious FTP server to execute arbitrary code on the victim’s machine when the file is listed or downloaded. | |||||
| CVE-2011-10021 | 2025-08-22 | N/A | N/A | ||
| Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy() operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler (SEH). By crafting a malicious .mmm file, an attacker can trigger the overflow when the file is opened, potentially leading to arbitrary code execution. This vulnerability was remediated in version 17. | |||||
| CVE-2011-10023 | 2025-08-22 | N/A | N/A | ||
| MJM QuickPlayer (likely now referred to as MJM Player) version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code. Exploitation is achieved via a crafted payload that bypasses DEP and ASLR protections using ROP techniques, and requires user interaction to open the file. | |||||
| CVE-2010-10014 | 2025-08-22 | N/A | N/A | ||
| Odin Secure FTP <= 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which overflows a fixed-size stack buffer in the client and overwrites the Structured Exception Handler (SEH). This allows remote attackers to execute arbitrary code on the client system. | |||||
| CVE-2010-20045 | 2025-08-22 | N/A | N/A | ||
| FileWrangler <= 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires passive user interaction—simply connecting to the server—without further input. Successful exploitation may lead to arbitrary code execution. | |||||
| CVE-2010-20010 | 2025-08-22 | N/A | N/A | ||
| Foxit PDF Reader before 4.2.0.0928 does not properly bound-check the /Title entry in the PDF Info dictionary. A specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Handler (SEH) chain, and lead to arbitrary code execution in the context of the user who opens the file. | |||||
| CVE-2011-10024 | 2025-08-22 | N/A | N/A | ||
| MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain. | |||||
| CVE-2011-10027 | 2025-08-22 | N/A | N/A | ||
| AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms. | |||||
| CVE-2010-20042 | 2025-08-22 | N/A | N/A | ||
| Xion Audio Player versions prior to 1.0.126 are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code. | |||||
| CVE-2010-20107 | 2025-08-22 | N/A | N/A | ||
| A stack-based buffer overflow exists in FTP Synchronizer Professional <= v4.0.73.274. When the client connects to an FTP server and issues a LIST command—typically during sync preview or profile creation—the server’s response containing an overly long filename triggers a buffer overflow. This results in the corruption of the Structured Exception Handler (SEH), potentially allowing remote code execution. | |||||
| CVE-2010-20123 | 2025-08-22 | N/A | N/A | ||
| Steinberg MyMP3Player version 3.0 (build 3.0.0.67) is vulnerable to a stack-based buffer overflow when parsing .m3u playlist files. The application fails to properly validate the length of input data within the playlist, allowing a specially crafted file to overwrite critical memory structures and execute arbitrary code. This vulnerability can be exploited locally by convincing a user to open a malicious .m3u file. | |||||
| CVE-2010-20112 | 2025-08-22 | N/A | N/A | ||
| Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including the Structured Exception Handler (SEH). Additionally, malformed parameter names followed by an equals sign may result in unintended control flow behavior. This vulnerability is exposed through IIS and affects legacy Windows deployments | |||||