CVE-2025-3409

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

CVE-2025-3409

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow through the manipulation of the pathtoincludes argument. Remediation There is no fixed version for stb. References - GitHub Issue...

CVE-2025-3409 Nothings stb stb_include_string stack-based overflow

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

CVE-2025-3409 Nothings stb stb_include_string stack-based overflow

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

CVE-2025-3409

CVE-2025-3409 affects the Nothings stb library up to f056911, specifically the function stb_include_string. The vulnerability arises from manipulating the path_to_includes argument, causing a stack-based buffer overflow that can be exploited remotely. The project uses stb without versioning, and ...

CVE-2025-3409

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

Adobe FrameMaker 2020 < 16.0.8 (2020.0.8) / Adobe FrameMaker 2022 < 17.0.6 (2022.0.6) Multiple Vulnerabilities (APSB25-33)

The version of Adobe FrameMaker installed on the remote Windows host is prior to Adobe FrameMaker 2020 16.0.8 / Adobe FrameMaker 2022 17.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb25-33 advisory. - Out-of-bounds Write CWE-787 potentially leading to...

PT-2025-17391 · Tenda · Tenda I24 +1

Name of the Vulnerable Software and Affected Versions: Tenda W12 and i24 versions 3.0.0.42887 through 3.0.0.53644 Description: A critical vulnerability was found in the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the arguments hostIp1 and hostIp2 leads to a stack-bas...

PT-2025-15352 · Unknown +1 · Nothings Stb +1

Name of the Vulnerable Software and Affected Versions: Nothings stb up to f056911 Description: A critical vulnerability has been found in Nothings stb, affecting the stb include string function. The manipulation of the path to includes argument leads to a stack-based buffer overflow. This issue c...

PT-2025-17260 · D Link · D-Link Dwr-M961

Name of the Vulnerable Software and Affected Versions: D-Link DWR-M961 version 1.1.36 Description: A critical vulnerability has been found in the Authorization Interface component of the D-Link DWR-M961, affecting the file /boafrm/formStaticDHCP. The manipulation of the Hostname argument leads to...

CVE-2025-3266

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/httpconn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...

CVE-2025-3259

A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely...

CVE-2025-3203

A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The...

Updated corosync packages fix security vulnerability

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in exec/totemsrp.c via a large UDP packet. CVE-2025-30472...

MGASA-2025-0127 Updated corosync packages fix security vulnerability

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in exec/totemsrp.c via a large UDP packet. CVE-2025-30472...

CVE-2025-3166

A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function searchitem of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to...

CVE-2025-3161

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

CVE-2025-3266

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/httpconn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...

CVE-2025-3266 qinguoyi TinyWebServer http_conn.cpp stack-based overflow

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/httpconn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...