CVE-2026-24640

A Stack-based Buffer Overflow vulnerability CWE-121 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0.2 through 7.0.12 may allow a remote authenticated attacker who can bypass stack protection a...

PT-2026-24250

🚨 CVE-2026-30897 A stack-based buffer overflow vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote authenticated attacker who can bypass stack protection and AS...

CVE-2026-22903

Affects lighttpd-based server variants (modified lighttpd) where an unauthenticated remote attacker can send a crafted HTTP request with an overly long SESSIONID cookie. The underlying issue is a stack buffer overflow, triggered by the oversized cookie, leading to server crashes and potentially r...

CVE-2024-21758

A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections...

CVE-2024-35279

CVE-2024-35279 is a stack-based buffer overflow in Fortinet FortiOS CAPWAP control handling that affects FortiOS 7.2.4–7.2.8 and 7.4.0–7.4.4. A remote, unauthenticated attacker can exploit crafted UDP packets to execute arbitrary code via the CAPWAP control path, assuming FortiOS stack protection...

CVE-2023-29182

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...

Stack overflow

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...

CVE-2023-29182

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...

CVE-2021-31616

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...

CVE-2010-4259

Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long CHARSETREGISTRY header in a BDF font file...