6897 matches found
CVE-2020-36885 Sony IPELA Network Camera 1.82.01 Remote Stack Buffer Overflow via ftpclient.cgi
Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient.cgi endpoint that allows remote attackers to execute arbitrary code. Attackers can exploit the vulnerability by sending a crafted POST request with oversized data to the FTP client functionality,...
CVE-2025-41730
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkaccount function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
Linksys E1200 Router Firmware <= 2.0.11.001 Multiple Vulnerabilities
Linksys E1200 routers are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2025-13654 CVE-2025-13654
A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...
CVE-2025-13654
The CVE-2025-13654 issue affects the duc tool (disk usage analyzer). The vulnerability is a stack/underflow in buffer_get that can trigger an out-of-bounds read. OpenSUSE/SUSE and Fedora advisories indicate the fix is in version 1.4.6 of duc (update to 1.4.6). Descriptions confirm the root cause ...
ABB Terra AC wallbox 安全漏洞
The ABB Terra AC wallbox is ABB's superior EV home charger, offering high value quality, future-proof flexibility, and advanced security and protection. A security vulnerability exists in ABB Terra AC wallbox version 1.8.33 and earlier, which originates from a stack buffer overflow...
CVE-2025-12970
The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...
EUVD-2025-199585
A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...
CVE-2025-59365
A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...
RockyLinux 9 : gimp (RLSA-2025:21968)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21968 advisory. gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10922 gimp: GIMP ICNS File Parsing Out-Of-Bounds Wri...
Tenda AC21 安全漏洞
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
CVE-2025-8727 A stack buffer overflow vulnerability exists in the Supermicro BMC Web function(SSL).
There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...
EUVD-2025-197956
There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...
Linksys E1200 Stack Buffer Overflow Vulnerability
The Linksys E1200 is a router from Linksys USA. The Linksys E1200 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to cause the execution of arbitrary code or a denial of service...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53680)
ipvs: vulnerability causes undefined behavior due to uninitialized stack access in ipvsprotocolinit, which is fixed by zeroing the on-stack buffer to prevent out-of-bound accesses. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...
Supermicro BMC 安全漏洞
The SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in the Supermicro BMC Shared library that originates from a stack buffer overflow and could lead to arbitrary code execution...
Supermicro BMC Firmware 安全漏洞
Supermicro BMC Firmware is a system firmware from Supermicro Corporation USA. A security vulnerability exists in Supermicro BMC Firmware that originates from a stack buffer overflow in the BMC Web function that could lead to arbitrary code execution...
EUVD-2025-175334
A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The applycgi and blockcgi functions copy user-supplied input from the "url" CGI parameter into stack buffers v36, v29 using sprintf without bounds checking. Because these buffe...
CVE-2025-60691
A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The applycgi and blockcgi functions copy user-supplied input from the "url" CGI parameter into stack buffers v36, v29 using sprintf without bounds checking. Because these buffe...
CVE-2025-60686
A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers A720R V4.1.5cu.614B20230630, LR1200GB V9.1.0u.6619B20230130, and NR1800X V9.1.0u.6681B20230703. Both programs parse the contents of /proc/net/arp using sscanf with "%s" format...