CVE-2025-6292

CVE-2025-6292 affects D-Link DIR-825, specifically version 2.03. The issue stems from the HTTP POST Request Handler’s sub_4091AC function, which can be triggered remotely to cause a stack-based buffer overflow. Public exploitation is indicated, and the vulnerability targets devices no longer supp...

CVE-2025-6291 D-Link DIR-825 HTTP POST Request do_file stack-based overflow

A vulnerability, which was classified as critical, was found in D-Link DIR-825 2.03. This affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...

CVE-2025-6291

CVE-2025-6291 concerns the D-Link DIR-825 router (version 2.03) where the HTTP POST Request Handler’s function do_file allows a stack-based buffer overflow. Multiple sources (CNVD/CNNVD/NVD, CVE lists) describe a remote, unauthenticated or low-privilege path to exploit that can execute arbitrary ...

CVE-2025-6291 D-Link DIR-825 HTTP POST Request do_file stack-based overflow

A vulnerability, which was classified as critical, was found in D-Link DIR-825 2.03. This affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...

CVE-2025-6158

D-Link DIR-665, version 1.00, is affected by a stack-based buffer overflow in the HTTP POST Request Handler’s sub_AC78 function. The vulnerability can be exploited remotely by sending a crafted POST request, and public exploit details exist. The issue may allow remote denial-of-service (per PT se...

CVE-2025-6158 D-Link DIR-665 HTTP POST Request sub_AC78 stack-based overflow

A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function subAC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-6141 GNU ncurses parse_entry.c postprocess_termcap stack-based overflow

A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocesstermcap of the file tinfo/parseentry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to...

CVE-2025-6141

A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocesstermcap of the file tinfo/parseentry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to...

CVE-2025-6121

CVE-2025-6121 affects D-Link DIR-632 FW103B08. The vulnerability is a stack-based overflow in the HTTP POST Request Handler’s get_pure_content function caused by incorrect handling of the Content-Length argument. It is exploitable remotely, with the exploit publicly disclosed, and affects product...

CVE-2025-6121 D-Link DIR-632 HTTP POST Request get_pure_content stack-based overflow

A vulnerability, which was classified as critical, has been found in D-Link DIR-632 FW103B08. Affected by this issue is the function getpurecontent of the component HTTP POST Request Handler. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be...

CVE-2025-6115 D-Link DIR-619L form_macfilter stack-based overflow

A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. Affected by this issue is the function formmacfilter. The manipulation of the argument machostname%d/schedname%d leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclos...

CVE-2025-6115 D-Link DIR-619L form_macfilter stack-based overflow

A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. Affected by this issue is the function formmacfilter. The manipulation of the argument machostname%d/schedname%d leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclos...

CVE-2025-6114

CVE-2025-6114 affects D-Link DIR-619L firmware 2.06B01. The vulnerability is a stack-based buffer overflow in the form_portforwarding function (input arguments ingress_name_%d/sched_name_%d/name_%d) that can be exploited remotely. Public PoC/exploit information exists; this issue is reported to a...

CVE-2025-6111

CVE-2025-6111 affects Tenda FH1205 (firmware 2.0.0.7(775)). The vulnerability is a stack-based buffer overflow in the fromVirtualSer function of /goform/VirtualSer caused by improper validation of the argument page. It can be triggered remotely, with in-the-wild PoC activity reported. No patch de...

CVE-2025-6110 Tenda FH1201 SafeMacFilter stack-based overflow

A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14408. This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

Stack-based Buffer Overflow

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Stack-based Buffer Overflow due to unsafe use of strcpy in the xmllint interactive shell command tool. An attacker can cause a crash by providing an overly long argument to any...

CVE-2025-6093 uYanki board-stm32f103rc-berial heartrate1_hal.c heartrate1_i2c_hal_write stack-based overflow

A vulnerability classified as critical was found in uYanki board-stm32f103rc-berial up to 84daed541609cb7b46854cc6672a275d1007e295. This vulnerability affects the function heartrate1i2chalwrite of the file 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1hal.c. The manipulation of the argument...

CVE-2025-6093

The CVE-2025-6093 vulnerability is in the uYanki board-stm32f103rc-berial, affecting the function heartrate1_i2c_hal_write in 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1_hal.c. The root cause is manipulation of the num argument, which leads to a stack-based buffer overflow. Public detail...

gstreamer1-plugins-bad-free: mingw-gstreamer1-plugins-bad-free: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

A flaw was found in GStreamer H265 Codec Parsing gstreamer1-plugins-bad-free. This vulnerability allows remote attackers to execute arbitrary code by parsing H265 slice headers...

gstreamer1-plugins-bad-free: mingw-gstreamer1-plugins-bad-free: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

A flaw was found in GStreamer H265 Codec Parsing gstreamer1-plugins-bad-free. This vulnerability allows remote attackers to execute arbitrary code by parsing H265 slice headers...