Total
3582 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-7844 | 1 Wolfssl | 1 Wolftpm | 2026-04-15 | N/A |
| Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default `MAX_RSA_KEY_BITS=2048` is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than 2048 bits and your application calls `wolfTPM2_RsaKey_TpmToWolf` on that key, then a stack buffer could be overrun. If the `MAX_RSA_KEY_BITS` build-time macro is set correctly (RSA bits match what TPM hardware is capable of) for the hardware target, then a stack overrun is not possible. | ||||
| CVE-2019-25319 | 1 Internet-soft | 1 Domain Quester Pro | 2026-04-15 | 9.8 Critical |
| Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the 'Domain Name Keywords' input field to trigger an access violation and execute a bind shell on port 9999. | ||||
| CVE-2025-6072 | 1 Abb | 2 Rmc-100, Rmc-100-lite | 2026-04-15 | 7.5 High |
| Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | ||||
| CVE-2024-53309 | 2026-04-15 | 5.5 Medium | ||
| A stack-based buffer overflow vulnerability exists in Effectmatrix Total Video Converter Command Line (TVCC) 2.50 when an overly long string is passed to the "-f" parameter. This can lead to memory corruption, potentially allowing arbitrary code execution or causing a denial of service via specially crafted input. | ||||
| CVE-2024-47939 | 2026-04-15 | N/A | ||
| Stack-based buffer overflow vulnerability exists in multiple laser printers and MFPs which implement Ricoh Web Image Monitor. If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. As for the details of affected product names and versions, refer to the information provided by the vendors under [References]. | ||||
| CVE-2020-36971 | 1 Nidesoft | 1 3gp Video Converter | 2026-04-15 | 8.4 High |
| Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system. | ||||
| CVE-2024-53621 | 1 Tenda | 1 Ac1206 | 2026-04-15 | 7.5 High |
| A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 11ac US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-58299 | 2 Pcman, Wftpserver | 2 Ftp Server, Wing Ftp Server | 2026-04-15 | 9.8 Critical |
| PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access. | ||||
| CVE-2025-5555 | 1 Dieboldnixdorf | 1 Wincor | 2026-04-15 | 7.8 High |
| A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the function sub_11100 in the library wnport.sys of the component IOCTL Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.0.1 is able to mitigate this issue. Upgrading the affected component is recommended. The vendor was contacted beforehand and was able to provide a patch very early. | ||||
| CVE-2025-7623 | 1 Supermicro | 1 Mbd-x13sedw-f | 2026-04-15 | 5.4 Medium |
| Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system | ||||
| CVE-2025-23283 | 1 Nvidia | 1 Gpu Display Driver | 2026-04-15 | 7.8 High |
| NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | ||||
| CVE-2023-5395 | 1 Honeywell | 1 Experion Server | 2026-04-15 | 8.1 High |
| Server receiving a malformed message that uses the hostname in an internal table may cause a stack overflow resulting in possible remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning. | ||||
| CVE-2024-45413 | 1 Zte | 10 Zxhn E1600 Firmware, Zxhn E2603 Firmware, Zxhn E2615 Firmware and 7 more | 2026-04-15 | 8.1 High |
| The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in rsa_decrypt function. This function is an API wrapper for LUA to decrypt RSA encrypted ciphertext, the decrypted data is stored on the stack without checking its length. An authenticated attacker can get RCE as root by exploiting this vulnerability. | ||||
| CVE-2025-3916 | 2026-04-15 | N/A | ||
| CWE-121: Stack-based Buffer Overflow vulnerability exists that could cause local attackers being able to exploit these issues to potentially execute arbitrary code while the end user opens a malicious project file (SSD file) provided by the attacker. | ||||
| CVE-2020-37013 | 1 Tucows | 1 Audio Playback Recorder | 2026-04-15 | 8.4 High |
| Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler (SEH) to execute shellcode when pasting specially crafted input into the application's input fields. | ||||
| CVE-2025-34165 | 2 Netsupport, Netsupportsoftware | 3 Netsupport Manager Agent, Netsupport Manager Client, Netsupport Manager | 2026-04-15 | N/A |
| A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially leak a limited amount of memory. | ||||
| CVE-2025-26382 | 2026-04-15 | N/A | ||
| Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer overflow issue | ||||
| CVE-2010-20042 | 2026-04-15 | N/A | ||
| Xion Audio Player versions prior to 1.0.126 are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code. | ||||
| CVE-2020-37182 | 1 Troglobit | 1 Redir | 2026-04-15 | 7.5 High |
| Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer without proper length checking to overwrite memory and cause a segmentation fault, resulting in program termination. | ||||
| CVE-2012-10031 | 1 Blazevideo | 1 Hdtv Player | 2026-04-15 | N/A |
| BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. When parsing a crafted .plf file, the MediaPlayerCtrl.dll component invokes PathFindFileNameA() to extract a filename from a URL-like string. The returned value is then copied to a fixed-size stack buffer using an inline strcpy call without bounds checking. If the input exceeds the buffer size, this leads to a stack overflow and potential arbitrary code execution under the context of the user. | ||||