CVE-2025-4059 code-projects Prison Management System Prison_Mgmt_Sys addrecord stack-based overflow

A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component PrisonMgmtSys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally...

CVE-2025-4038 code-projects Train Ticket Reservation System reservation stack-based overflow

A vulnerability was found in code-projects Train Ticket Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is the function Reservation of the component Ticket Reservation. The manipulation of the argument Name leads to stack-based buffer overflow. Attacking...

CVE-2025-4038 code-projects Train Ticket Reservation System reservation stack-based overflow

A vulnerability was found in code-projects Train Ticket Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is the function Reservation of the component Ticket Reservation. The manipulation of the argument Name leads to stack-based buffer overflow. Attacking...

CVE-2025-4029 code-projects Personal Diary Management System New Record addrecord stack-based overflow

A vulnerability was found in code-projects Personal Diary Management System 1.0 and classified as critical. Affected by this issue is the function addrecord of the component New Record Handler. The manipulation of the argument filename leads to stack-based buffer overflow. Local access is require...

CVE-2025-4007 Tenda W12/i24 httpd modules cgidhcpsCfgSet stack-based overflow

A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644. Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack c...

CVE-2025-3820 Tenda W12/i24 httpd cgiSysUplinkCheckSet stack-based overflow

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644 and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched...

CVE-2025-3820 Tenda W12/i24 httpd cgiSysUplinkCheckSet stack-based overflow

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644 and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched...

CVE-2025-3803 Tenda W12/i24 httpd cgiSysScheduleRebootSet stack-based overflow

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644. It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated...

CVE-2025-3802

CVE-2025-3802 affects Tenda W12 and i24 devices (versions 3.0.0.4(2887)/3.0.0.5(3644)). The issue is a stack-based buffer overflow in the function cgiPingSet within /bin/httpd when the pingIP argument is manipulated. This vulnerability can be triggered remotely and has been publicly disclosed, wi...

CVE-2025-3802 Tenda W12/i24 httpd cgiPingSet stack-based overflow

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644. It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely...

CVE-2025-3785 D-Link DWR-M961 Authorization Interface formStaticDHCP stack-based overflow

A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formStaticDHCP of the component Authorization Interface. The manipulation of the argument Hostname leads to stack-based buffer overflow. The attack can ...

CVE-2025-3785

The CVE-2025-3785 entry concerns D-Link DWR-M961 (version 1.1.36) and affects the Authorization Interface component, specifically the /boafrm/formStaticDHCP file. The root cause is improper validation of the Hostname argument, causing a stack-based buffer overflow that can be triggered remotely. ...

CVE-2025-3693 Tenda W12 httpd cgiWifiRadioSet stack-based overflow

A vulnerability was found in Tenda W12 3.0.0.5. It has been rated as critical. Affected by this issue is the function cgiWifiRadioSet of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public an...

CVE-2025-2497

A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2025-3588

CVE-2025-3588 affects joelittlejohn jsonschema2pojo v1.2.2, specifically the apply function in org/jsonschema2pojo/rules/SchemaRule.java. The issue is a stack-based buffer overflow with local access required. The exploit has been publicly disclosed and vendor response is unavailable. Public mitig...

CVE-2025-3588 joelittlejohn jsonschema2pojo JSON File SchemaRule.java apply stack-based overflow

A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2. This issue affects the function apply of the file org/jsonschema2pojo/rules/SchemaRule.java of the component JSON File Handler. The manipulation leads to stack-based buffer overflow...

The vulnerability of the neigh_forced_gc() function in the net/core/neighbour.c module of the Linux kernel’s networking functions allows a hacker to cause a service failure.

The vulnerability of the neighforcedgc function in the net/core/neighbour.c module, which is part of Linux’s kernel-based networking functions, is related to buffer overflows based on a stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2025-3538

CVE-2025-3538 affects D-Link DI-8100 (version 16.07.26A1) via the vulnerable jhttpd component: the function in /auth.asp named auth_asp does not properly validate the input length, allowing a stack-based buffer overflow when manipulating the argument callback . Impact is high (confidentiality, in...

CVE-2025-3538 D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function authasp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within th...

CVE-2025-3538 D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function authasp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within th...