CVE-2025-66048

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 133...

CVE-2025-66047

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 131...

CVE-2025-66043

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 3...

PT-2025-50645

Name of the Vulnerable Software and Affected Versions libbiosig version 3.9.1 Description The software contains stack-based buffer overflow flaws in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to...

PT-2025-50735

Name of the Vulnerable Software and Affected Versions AzeoTech DAQFactory version 20.7 Build 2555 Description A stack-based buffer overflow exists in AzeoTech DAQFactory release 20.7 Build 2555. This issue can be triggered by processing specially crafted .ctl files, leading to memory corruption...

Security Bulletin: IBM® Db2® is vulnerable to a stack-based buffer overflow (CVE-2025-33092)

Summary IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. Vulnerability Details CVEID:CVE-2025-33092...

Security Bulletin: IBM® Db2® is affected by a vulnerability in the corosync library. (CVE-2025-30472)

Summary If encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in exec/totemsrp.c via a large UDP packet. Note, this vulnerability has been fixed in Corosync 3.1.7-3 for Db2 11.5.9 and Corosync 3.1.8-6 for Db2 12.1.2 and late...

CVE-2025-14134 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow

A vulnerability was determined in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RE2000v2RepeatergetwirelessclientlistsetClientsName of the file modform.so. Executing manipulation of the...

CVE-2025-11783

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is found in the 'AddEvent' function when copying the user-controlled username input to a fixed-size buffer 48 bytes without boundary checking. This can lead to memory corruption, resulting in...

CVE-2025-11780

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...

CVE-2025-11778

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

CVE-2025-11782

CVE-2025-11782 affects Circutor SGE-PLC1000/SGE-PLC50 (v9.0.2). The ShowDownload() function uses sprintf() to format a string with user-controlled GetParameter(meter) input into a fixed 64-byte buffer (acStack_4c) without length checks, enabling a stack-based overflow if meter exceeds the buffer....

CVE-2025-11780

CVE-2025-11780 describes a stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability stems from an unlimited user input retrieved via GetParameter(meter) being copied into a fixed-size buffer in the function showMeterReport() using sprintf() without size validation. ...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by a denial of service in glassfish jso np and vulnerable to CVE-2025-36097

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by a denial of service in glassfish jso np and vulnerable to CVE-2025-36097. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

OpenPrinting CUPS vulnerable to stack based out-of-bound write

...

CVE-2025-64657

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-40601

A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS, which could cause an impacted firewall to crash...

Azure Application Gateway Elevation of Privilege Vulnerability

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network...

PT-2025-47652

Name of the Vulnerable Software and Affected Versions Azure Application Gateway affected versions not specified Description A stack-based buffer overflow exists in Azure Application Gateway. This allows an unauthorized attacker to elevate privileges over a network. The issue requires no...

CVE-2025-58413

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute...