CVE-2025-6663

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2025-6663 GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2025-6663

GStreamer H266 Codec Parsing vulnerability: parsing of H266 sei messages allows a stack-based buffer overflow leading to remote code execution. Root cause is lack of proper validation of user-supplied data length before copying to a fixed-length stack buffer. Attack requires interaction with the ...

CVE-2025-7093

CVE-2025-7093 : Belkin F9K1122 (firmware 1.00.33) has a stack-based buffer overflow in the webs component, specifically in formSetLanguage (/goform/formSetLanguage) when processing the webpage argument. This write overflow can be triggered remotely and has been publicly disclosed. Multiple source...

CVE-2025-7092 Belkin F9K1122 webs formWlanSetupWPS stack-based overflow

A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. This vulnerability affects the function formWlanSetupWPS of the file /goform/formWlanSetupWPS of the component webs. The manipulation of the argument wpsenroleepin/webpage leads to stack-based buffer overflow. Th...

CVE-2025-7089

A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. This issue affects the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component webs. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack may be...

CVE-2025-7089

CVE-2025-7089 – Belkin F9K1122 (1.00.33) affects the webs component via the function formWanTcpipSetup in /goform/formWanTcpipSetup. The root cause is a stack-based overflow triggered by manipulating the pppUserName parameter, enabling remote exploitation. Public exploit exists and vendor has not...

CVE-2025-7085

A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. This issue affects the function formiNICWpsStart of the file /goform/formiNICWpsStart of the component webs. The manipulation of the argument pinCode leads to stack-based buffer overflow. The attack may be initiat...

CVE-2025-7084

A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. This vulnerability affects the function formWpsStart of the file /goform/formWpsStart of the component webs. The manipulation of the argument pinCode leads to stack-based buffer overflow. The attack can be...

CVE-2025-7084

Belkin F9K1122 (1.00.33) is affected by a stack-based overflow in the web component function formWpsStart (/goform/formWpsStart) caused by manipulating the pinCode argument. The vulnerability can be exploited remotely; public exploit details exist per CVE records. Multiple sources confirm the iss...

PT-2025-29191 · Tenda · Tenda O3V2

Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.123880 Description: A critical vulnerability exists in Tenda O3V2. The setAutoReboot function within the /goform/setNetworkService file of the httpd component is affected. Manipulation of the week argument causes a...

PT-2025-29192 · Tenda · Tenda O3V2

Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.123880 Description: A critical vulnerability exists in the Tenda O3V2 device. The vulnerability is located within the formWifiMacFilterSet function of the httpd component, specifically in the file...

CVE-2025-6072

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.Thi...

PT-2025-27816 · Abb · Abb Rmc-100 Lite +1

Name of the Vulnerable Software and Affected Versions: ABB RMC-100 versions 2105457-043 through 2105457-045 ABB RMC-100 LITE versions 2106229-015 through 2106229-016 Description: The issue is a Stack-based Buffer Overflow vulnerability. When the REST interface is enabled and an attacker gains...

CVE-2025-6886

A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be...

PT-2025-28805 · D Link · D-Link Dir-825

Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 version 2.10 Description: A critical vulnerability exists in the D-Link DIR-825 router. This issue affects the sub 410DDC function within the switch language.cgi file of the httpd component. Manipulation of the Language paramet...

PT-2025-27358

Name of the Vulnerable Software and Affected Versions: HDF5 version 1.14.6 Description: A stack-based buffer overflow issue has been found, affecting the function H5G node cmp3 in the file src/H5Gnode.c. This issue can be exploited locally. Recommendations: For HDF5 version 1.14.6, consider...

Security Bulletin: Due to use of Corosync, IBM MQ is vulnerable to a stack-based buffer overflow

Summary Corosync is used by IBM MQ as part of the RDQM component CVE-2025-30472 Vulnerability Details CVEID:CVE-2025-30472 DESCRIPTION: Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in...

CVE-2025-5829

Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers...

CVE-2025-6616

A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWANWizard51 of the file /goform/formSetWANWizard51. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be initiated...