Total
2763 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-14878 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-24 | 10.0 HIGH | 9.8 CRITICAL |
| A security flaw has been discovered in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/wirelessRestart of the component HTTP Request Handler. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-64469 | 1 Ni | 1 Labview | 2025-12-24 | N/A | 7.8 HIGH |
| There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions. | |||||
| CVE-2025-27151 | 1 Redis | 1 Redis | 2025-12-23 | N/A | 4.7 MEDIUM |
| Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before 8.0.2, a stack-based buffer overflow exists in redis-check-aof due to the use of memcpy with strlen(filepath) when copying a user-supplied file path into a fixed-size stack buffer. This allows an attacker to overflow the stack and potentially achieve code execution. This issue has been patched in version 8.0.2. | |||||
| CVE-2025-34457 | 2025-12-23 | N/A | N/A | ||
| wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kiss_rec_byte() located in src/kiss_frame.c. When processing crafted KISS frames that reach the maximum allowed frame length (MAX_KISS_LEN), the function appends a terminating FEND byte without reserving sufficient space in the stack buffer. This results in an out-of-bounds write followed by an out-of-bounds read during the subsequent call to kiss_unwrap(), leading to stack memory corruption or application crashes. This vulnerability may allow remote unauthenticated attackers to trigger a denial-of-service condition. | |||||
| CVE-2025-15013 | 2025-12-23 | 4.3 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability was identified in floooh sokol up to 5d11344150973f15e16d3ec4ee7550a73fb995e0. The impacted element is the function _sg_validate_pipeline_desc in the library sokol_gfx.h. Such manipulation leads to stack-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The name of the patch is b95c5245ba357967220c9a860c7578a7487937b0. It is best practice to apply a patch to resolve this issue. | |||||
| CVE-2025-14665 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-22 | 10.0 HIGH | 9.8 CRITICAL |
| A security flaw has been discovered in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/DhcpListClient of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-66635 | 2025-12-22 | N/A | 7.2 HIGH | ||
| Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided by the vendor under [References]. | |||||
| CVE-2025-41732 | 1 Wago | 4 0852-1322, 0852-1322 Firmware, 0852-1328 and 1 more | 2025-12-19 | N/A | 9.8 CRITICAL |
| An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_cookie() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise. | |||||
| CVE-2025-41730 | 1 Wago | 4 0852-1322, 0852-1322 Firmware, 0852-1328 and 1 more | 2025-12-19 | N/A | 9.8 CRITICAL |
| An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise. | |||||
| CVE-2025-14654 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-12-19 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-14655 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-12-19 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg of the component httpd. Performing manipulation of the argument rebootTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2023-53879 | 1 Eyemaxsystems | 1 Nvclient | 2025-12-18 | N/A | 5.5 MEDIUM |
| NVClient 5.0 contains a stack buffer overflow vulnerability in the user configuration contact field that allows attackers to crash the application. Attackers can overwrite 846 bytes of memory by pasting a crafted payload into the contact box, causing a denial of service condition. | |||||
| CVE-2023-53886 | 1 Xlightftpd | 1 Xlight Ftp Server | 2025-12-18 | N/A | 7.5 HIGH |
| Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program' configuration that allows attackers to crash the application. Attackers can trigger the vulnerability by inserting 294 characters into the program execution configuration, causing a denial of service condition. | |||||
| CVE-2018-1125 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Leap and 1 more | 2025-12-17 | 5.0 MEDIUM | 7.5 HIGH |
| procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash. | |||||
| CVE-2025-66043 | 1 Libbiosig Project | 1 Libbiosig | 2025-12-17 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 3 | |||||
| CVE-2025-66044 | 1 Libbiosig Project | 1 Libbiosig | 2025-12-17 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 64 | |||||
| CVE-2025-66045 | 1 Libbiosig Project | 1 Libbiosig | 2025-12-17 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 65 | |||||
| CVE-2025-66046 | 1 Libbiosig Project | 1 Libbiosig | 2025-12-17 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 67 | |||||
| CVE-2025-66047 | 1 Libbiosig Project | 1 Libbiosig | 2025-12-17 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 131 | |||||
| CVE-2025-66048 | 1 Libbiosig Project | 1 Libbiosig | 2025-12-17 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 133 | |||||