34188 matches found
CVE-2025-11918
Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. The specific flaw exists within the parsing of DOE files. Local attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of Arena®. Exploiting the vulnerability...
CVE-2025-11918 Rockwell Automation Arena® Simulation Stack-Based Buffer Overflow Vulnerability
Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. The specific flaw exists within the parsing of DOE files. Local attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of Arena®. Exploiting the vulnerability...
OESA-2025-2674 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML...
OESA-2025-2673 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML...
OESA-2025-2672 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML...
CVE-2025-7704
Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability...
Security Bulletin: Security vulnerability affect IBM Business Automation Workflow - CVE-2025-52999
Summary IBM Business Automation Workflow Case documentation in before 25.0.0 built upon a version of DITA, which packages a vulnerable copy of jackson-core. Vulnerability Details CVEID:CVE-2025-52999 DESCRIPTION: jackson-core contains core low-level incremental "streaming" parser and generator...
CVE-2025-60691
A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The applycgi and blockcgi functions copy user-supplied input from the "url" CGI parameter into stack buffers v36, v29 using sprintf without bounds checking. Because these buffe...
CVE-2025-60674
A stack buffer overflow vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin in the rc binary's USB storage handling module. The vulnerability occurs when the "Serial Number" field from a USB device is read via sscanf into a 64-byte stack buffer, while fgets reads up to 127...
CVE-2025-60686
A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers A720R V4.1.5cu.614B20230630, LR1200GB V9.1.0u.6619B20230130, and NR1800X V9.1.0u.6681B20230703. Both programs parse the contents of /proc/net/arp using sscanf with "%s" format...
CVE-2025-60685
A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary sub401EE0 function. The binary reads the /proc/stat file using fgets into a local buffer and subsequently parses the line using sscanf into a single-byte variable with the %s forma...
Tenda AC18 guestSsid Parameter Stack Buffer Overflow Vulnerability
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 has a stack buffer overflow vulnerability, which originates from the /goform/WifiGuestSet interface guestSsid parameter fails to correctly...
TOTOLINK A7000R urldecode function stack buffer overflow vulnerability
TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability, which stems from the ssid parameter of the urldecode function failing...
Tenda AX3 fromSetWifiGusetBasic function stack buffer overflow vulnerability
Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from the shareSpeed parameter...
Tenda AX3 wlSetExternParameter function stack buffer overflow vulnerability
Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from the wpapskcrypto paramet...
Tenda AX-1803 SetSysTimeCfg function stack buffer overflow vulnerability
Tenda AX-1803 is a dual-band Gigabit WiFi6 wireless router from Tenda that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1774Mbps for home or small office scenarios. The Tenda AX-1803 suffers from a stack buffer overflow vulnerability that originates from the time...
D-Link DIR-816L 安全漏洞
The D-Link DIR-816L is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-816L version 206b09beta, which originates from a misbehavior of the parameter Password in the file /authentication.cgi, which could lead to a stack-based buffer overflow...
Rockwell Automation Arena 安全漏洞
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. Rockwell Automation Arena suffers from a stack buffer overflow vulnerability that originates when the program fails to properly validate the length and size of input data, which could be...
Unity Linux 20.1070e Security Update: libxslt (UTSA-2025-990908)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990908 advisory. Uncontrolled recursion inXPath evaluationin libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPa...
TOTOLINK A7000R Stack Buffer Overflow Vulnerability
TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability that originates from the urldecode function's addEffect parameter...