Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the scanForGeometryContainers function. An attacker can achieve arbitrary code execution by supplying a crafted NetCDF file containing an oversized geometry attribute, which is read into a fixed-size stac...

CVE-2026-9628

Summary : CVE-2026-9628 impacts UTT HiPER 1200GW (up to version 2.5.3-170306) via the Web Management Interface. The vulnerability is in /goform/formPptpClientConfig, where manipulating the PPTP server address/username/password/tunnel name triggers a stack-based buffer overflow. The flaw’s attack ...

PT-2026-44097

Name of the Vulnerable Software and Affected Versions Gladinet Triofox affected versions not specified Description A stack-based buffer overflow condition occurs in the WOSDeviceDropFolder.dll library. This issue is triggered when the system processes an excessively long URL path that begins with...

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

CVE-2018-25360

AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious ping.txt file with shellcode and jump instructio...

CVE-2018-25373

CVE-2018-25373 affects SocuSoft DVD Photo Slideshow Professional 8.07. The issue is a stack-based buffer overflow in the Registration Name field that enables local code execution by abusing structured exception handling (SEH). An attacker can craft a malicious text file containing junk bytes, SEH...

CVE-2018-25360 AgataSoft Auto PingMaster 1.5 Buffer Overflow SEH

AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious ping.txt file with shellcode and jump instructio...

CVE-2026-9463 Edimax EW-7438RPn formLicence stack-based overflow

A flaw has been found in Edimax EW-7438RPn 1.31. Affected by this issue is the function formLicence of the file /goform/formLicence. This manipulation of the argument submit-url causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be use...

CVE-2026-9429 Tenda F1202 WrlExtraSet formWrlExtraSet stack-based overflow

A vulnerability was found in Tenda F1202 1.2.0.20408. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. Performing a manipulation of the argument delno results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

CVE-2026-9427 Edimax EW-7438RPn webs formWlSiteSurvey stack-based overflow

A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submit-url causes stack-based buffer overflow. The attack is possible to be carried out remotely. The...

CVE-2026-9426 Edimax EW-7438RPn formHwSet stack-based overflow

A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the file /goform/formHwSet. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/initgain/txcck/txofdm/submit-url results in stack-based buffer...

CVE-2026-9425 Edimax EW-7438RPn formWlanMP stack-based overflow

A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The impacted element is the function formWlanMP of the file /goform/formWlanMP. The manipulation of the argument...

CVE-2026-9425

Edimax EW-7438RPn firmware 1.31 is affected by a stack-based overflow in the formWlanMP handler at /goform/formWlanMP. Input manipulation of parameters such as ateFunc/ateGain/ateTxCount/ateChan/ateRate/ateMacID/e2pTxPower1..7/e2pTx2Power1..7/ateTxFreqOffset/ateMode/ateBW/ateAntenna/e2pTxFreqOffs...

CVE-2026-9344 Edimax EW-7438RPn webs formWpsStart stack-based overflow

A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of the argument pinCode/wlan-url leads to stack-based buffer overflow. The attack can be executed...

CVE-2018-25322

Allok Fast AVI MPEG Splitter 1.2 is affected by a stack-based buffer overflow in the License Name field. An attacker with local access can craft a payload (about 780 bytes of junk data followed by structured shellcode) to overflow the stack and execute code with the application's privileges. The ...

CVE-2026-44857

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

CVE-2026-34690

After Effects versions 26.0, 25.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-44856 Authenticated Stack-Based Buffer Overflow in PAPI Services

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

CVE-2026-41089

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

CVE-2026-40399

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...