CVE-2010-20114

CVE-2010-20114 affects VariCAD EN up to and including version 2010-2.05. The vulnerability is a stack-based buffer overflow in the parsing of .dwb drawing files, where input data length is not properly validated, allowing a crafted .dwb file to overwrite memory. This can be exploited locally by c...

CVE-2025-9299

CVE-2025-9299 affects Tenda M3 1.0.0.12. The vulnerability is in the /goform/getMasterPassengerAnalyseData::formGetMasterPassengerAnalyseData function, where unsafely handling the Time parameter allows a stack-based buffer overflow. This can be triggered remotely; the exploit has been disclosed p...

PT-2025-34304 · Unknown · Gekko Manager Ftp Client

Name of the Vulnerable Software and Affected Versions: Gekko Manager FTP Client versions prior to 0.78 Description: The software contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client does not validate the length...

PT-2025-34286 · Undefined · Undefined

Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate input length, resulting in corruption of the Structured...

CVE-2025-9250

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function setPWDbyBBS of the file /goform/setPWDbyBBS. Such manipulation of the argument hint leads to stack-based buffer overflow. ...

CVE-2025-9252 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 DisablePasswordAlertRedirect stack-based overflow

A weakness has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function DisablePasswordAlertRedirect of the file /goform/DisablePasswordAlertRedirect. Executing manipulation...

CVE-2025-9247 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setVlan stack-based overflow

A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function setVlan of the file /goform/setVlan. The manipulation of the argument vlanset leads to stack-based buffer...

CVE-2011-10024 MJM Core Player 2011 .s3m File Stack-Based Buffer Overflow

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

CVE-2011-10021 Magix Musik Maker <= v16 .mmm Stack-Based Buffer Overflow

Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler SEH. By crafting a...

PT-2025-34049 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 versions V02.03.01.110 Description: A stack-based buffer overflow exists in the Cloud API functionality. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this...

Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2168 Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability August 20, 2025 CVE Number CVE-2025-32010 SUMMARY A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HT...

SUSE CVE-2025-8851

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is...

CVE-2025-9175

A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used...

CVE-2025-9175

CVE-2025-9175 affects neurobin shc up to version 4.0.3. The vulnerability is in the make() function of src/shc.c, causing a stack-based buffer overflow that can be triggered locally. Public exploit appears to be available. Several sources corroborate a local-exploitation scenario with varying imp...

CVE-2024-45062

The CVE-2024-45062 issue affects OpenPrinting ippusbxd 1.34. A stack-based buffer overflow arises in ippusbxd when parsing the media-size-supported attribute during IPP-over-USB setup, potentially allowing arbitrary code execution in a privileged ippusbxd process after a malicious USB device is c...

CVE-2025-9089

A vulnerability was determined in Tenda AC20 16.03.08.12. This issue affects the function sub48E628 of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and...

OpenPrinting ippusbxd media-size-supported stack based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2071 OpenPrinting ippusbxd media-size-supported stack based buffer overflow vulnerability August 19, 2025 CVE Number CVE-2024-45062 SUMMARY A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer th...

CVE-2025-49564

Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-8949 D-Link DIR-825 httpd ping_response.cgi get_ping_app_stat stack-based overflow

A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function getpingappstat of the file pingresponse.cgi of the component httpd. The manipulation of the argument pingipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The...

CVE-2011-10016

Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archive that exceeds the expected buffer size. Exploitation...