Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

CVE-2025-22457 CVE-2025-22457: Python Exploit POC Scanner to D...

CVE-2025-3289 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow through the manipulation of the pathtoincludes argument. Remediation There is no fixed version for stb. References - GitHub Issue...

CVE-2025-3409 Nothings stb stb_include_string stack-based overflow

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

CVE-2025-3409

CVE-2025-3409 affects the Nothings stb library up to f056911, specifically the function stb_include_string. The vulnerability arises from manipulating the path_to_includes argument, causing a stack-based buffer overflow that can be exploited remotely. The project uses stb without versioning, and ...

CVE-2025-3266 qinguoyi TinyWebServer http_conn.cpp stack-based overflow

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/httpconn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...

CVE-2025-3266 qinguoyi TinyWebServer http_conn.cpp stack-based overflow

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/httpconn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...

CVE-2025-3259

CVE-2025-3259 affects Tenda RX3 (version 16.03.13.11). The vulnerability lies in the formSetDeviceName function of /goform/SetOnlineDevName, where manipulating the devName argument triggers a stack-based buffer overflow. It is network-exploitable with low attack complexity and requires low privil...

CVE-2025-3259 Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflow

A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely...

CVE-2025-3203 Tenda W18E setModules formSetAccountList stack-based overflow

A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The...

CVE-2025-3196 Open Asset Import Library Assimp Malformed File MD2Loader.cpp InternReadFile stack-based overflow

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the argument Name leads ...

Ivanti Connect Secure CVE-2025-22457 exploited in the wild

On Thursday, April 3, 2025, Ivanti disclosed a critical severity vulnerability affecting Ivanti Connect Secure, Pulse Connect Secure, Policy Secure, and ZTA Gateways. CVE-2025-22457 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the...

CVE-2025-3166 code-projects Product Management System Search Product Menu search_item stack-based overflow

A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function searchitem of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to...

CVE-2025-3166 code-projects Product Management System Search Product Menu search_item stack-based overflow

A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function searchitem of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to...

CVE-2025-3161 Tenda AC10 ShutdownSetAdd stack-based overflow

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

CVE-2025-3007 Novastar CX40 NetFilter Utility netconfig getopt stack-based overflow

A vulnerability was found in Novastar CX40 up to 2.44.0. It has been rated as critical. This issue affects the function getopt of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation of the argument cmd/netmask/pipeout/nettask leads to stack-based buffer overflow...

CVE-2025-3007 Novastar CX40 NetFilter Utility netconfig getopt stack-based overflow

A vulnerability was found in Novastar CX40 up to 2.44.0. It has been rated as critical. This issue affects the function getopt of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation of the argument cmd/netmask/pipeout/nettask leads to stack-based buffer overflow...

CVE-2025-2621 D-Link DAP-1620 storage check_dws_cookie stack-based overflow

A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function checkdwscookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2025-2620 D-Link DAP-1620 Authentication storage mod_graph_auth_uri_handler stack-based overflow

A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function modgraphauthurihandler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated...

CVE-2025-2619 D-Link DAP-1620 Cookie storage check_dws_cookie stack-based overflow

A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function checkdwscookie of the file /storage of the component Cookie Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit h...