CVE-2025-6110

A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14408. This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-6170

CVE-2025-6170 affects libxml2’s xmllint interactive shell. A stack-based buffer overflow in the command-parsing logic can cause crashes and, in rare configurations, may allow code execution. Related connected documents show patches/updates across distributions: Debian LTS advisory and Debian secu...

CVE-2025-6111 Tenda FH1205 VirtualSer fromVirtualSer stack-based overflow

A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7775. This vulnerability affects the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has bee...

TencentOS Server 4: json-c (TSSA-2025:0146)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0146 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-6021 Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

CVE-2025-6021 Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

SUSE CVE-2025-47806

In GStreamer through 1.26.1, the subparse plugin's parsesubriptime function may write data past the bounds of a stack buffer, leading to a crash...

CVE-2025-5969

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN00425fd8 of the file /biurlgrou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched...

NETGEAR EX3700 安全漏洞

The NETGEAR EX3700 is a dual-band wireless accessor with a maximum transmission rate of 750Mbps. The NETGEAR EX3700 suffers from a stack buffer overflow vulnerability that stems from the lack of proper validation of user-supplied data in the function sub41619C in file/mtd, which can be exploited ...

D-Link DIR-632 安全漏洞

D-Link DIR-632 is a wireless router for small business and SOHO users, supporting IEEE 802.11n and IEEE 802.11g wireless standards, with a maximum theoretical transfer rate of 300Mbps and equipped with eight 10/100Mbps LAN ports. A stack buffer overflow vulnerability exists in the D-Link DIR-632...

CVE-2025-5863 Tenda AC5 SetRebootTimer formSetRebootTimer stack-based overflow

A vulnerability was found in Tenda AC5 15.03.06.47. It has been classified as critical. Affected is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. It is possible to launch the attack remotely. T...

The vulnerability of IBM DB2 database management systems and IBM DB2 Connect Server lies in buffer overflows in the stack, which allows attackers to cause service interruptions.

The vulnerability of IBM DB2 database management systems, including IBM DB2 Connect Server, is related to buffer overflows in the stack. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted requests...

NewStart CGSL MAIN 7.02 : gstreamer1-plugins-bad-free Vulnerability (NS-SA-2025-0083)

The remote NewStart CGSL host, running version MAIN 7.02, has gstreamer1-plugins-bad-free packages installed that are affected by a vulnerability: - GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...

CVE-2025-5799

CVE-2025-5799 affects Tenda AC8 16.03.34.09. The vulnerable component is the function fromSetWirelessRepeat in the file /goform/WifiExtraSet, where manipulating the argument wpapsk_crypto leads to a stack-based buffer overflow. Attacks can be initiated remotely over the network, and multiple sour...

D-Link DIR-816 Router Stack Buffer Overflow Vulnerability

The D-Link DIR-816 is a wireless router for homes and small offices SOHO that supports dual-band 2.4GHz and 5GHz wireless networking. A stack buffer overflow vulnerability exists in the D-Link DIR-816. The vulnerability stems from the incorrect operation of the parameter dipaddress/sipaddress in...

Tenda CH22 Stack Buffer Overflow Vulnerability

The Tenda CH22 is an enterprise-grade wireless router for small to medium-sized businesses or home office environments. It supports single-band 2.4GHz wireless networks with a maximum transmission rate of up to 450Mbps. A stack buffer overflow vulnerability exists in the Tenda CH22. The...

CVE-2025-5630

A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This vulnerability affects unknown code of the file /goform/form2lansetup.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has bee...

The vulnerability of the NTFS file system of the Windows operating system, which allows a hacker to execute arbitrary code

The vulnerability of the NTFS file system in Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code...

RHEL 10 : corosync (RHSA-2025:7478)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7478 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosync: Stack...

CVE-2025-5572 D-Link DCS-932L setSystemEmail stack-based overflow

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected by this vulnerability is the function setSystemEmail of the file /setSystemEmail. The manipulation of the argument EmailSMTPPortNumber leads to stack-based buffer overflow. The attack can be launched...