CVE-2025-4038 code-projects Train Ticket Reservation System reservation stack-based overflow

A vulnerability was found in code-projects Train Ticket Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is the function Reservation of the component Ticket Reservation. The manipulation of the argument Name leads to stack-based buffer overflow. Attacking...

CVE-2025-4029

A vulnerability was found in code-projects Personal Diary Management System 1.0 and classified as critical. Affected by this issue is the function addrecord of the component New Record Handler. The manipulation of the argument filename leads to stack-based buffer overflow. Local access is require...

CVE-2025-4029 code-projects Personal Diary Management System New Record addrecord stack-based overflow

A vulnerability was found in code-projects Personal Diary Management System 1.0 and classified as critical. Affected by this issue is the function addrecord of the component New Record Handler. The manipulation of the argument filename leads to stack-based buffer overflow. Local access is require...

CVE-2025-4029

The CVE-2025-4029 entry concerns code-projects Personal Diary Management System 1.0. The vulnerable component is the function addrecord in the New Record Handler, where manipulation of the filename argument causes a stack-based buffer overflow. Local access is required to exploit, and public disc...

CVE-2025-4007

Summary: CVE-2025-4007 affects Tenda W12 and i24 (versions 3.0.0.4–3.0.0.5). The vulnerability is in the httpd module’s function cgidhcpsCfgSet in /goform/modules. An attacker can remotely exploit a crafted json argument to trigger a stack-based buffer overflow, potentially enabling arbitrary cod...

CVE-2025-4007 Tenda W12/i24 httpd modules cgidhcpsCfgSet stack-based overflow

A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644. Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack c...

PT-2025-18118 · Unknown · Code-Projects Online Ticket Reservation System

Name of the Vulnerable Software and Affected Versions: code-projects Train Ticket Reservation System version 1.0 Description: A critical vulnerability was found in the function Reservation of the component Ticket Reservation. The manipulation of the argument Name leads to a stack-based buffer...

CVE-2025-3803

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644. It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated...

CVE-2025-3693

A vulnerability was found in Tenda W12 3.0.0.5. It has been rated as critical. Affected by this issue is the function cgiWifiRadioSet of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public an...

CVE-2025-3820

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644 and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched...

Stack Based Buffer Overflow

org.jsonschema2pojo, jsonschema2pojo-core is vulnerable to Stack-based buffer overflow. The vulnerability is due to improper input validation in the apply function of the SchemaRule.java file, allows attackers to exploit the function, leading to a stack-based buffer overflow...

SUSE-SU-2025:20272-1 Security update for orc

This update for orc fixes the following issues: - CVE-2024-40897: Fixed stack-based buffer overflow inside the orc compiler when formatting error messages for certain input files bsc1228184...

CVE-2025-3820 Tenda W12/i24 httpd cgiSysUplinkCheckSet stack-based overflow

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644 and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched...

CVE-2025-3820 Tenda W12/i24 httpd cgiSysUplinkCheckSet stack-based overflow

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644 and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched...

CVE-2025-3802

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644. It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely...

CVE-2025-3803 Tenda W12/i24 httpd cgiSysScheduleRebootSet stack-based overflow

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644. It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated...

CVE-2025-3802

CVE-2025-3802 affects Tenda W12 and i24 devices (versions 3.0.0.4(2887)/3.0.0.5(3644)). The issue is a stack-based buffer overflow in the function cgiPingSet within /bin/httpd when the pingIP argument is manipulated. This vulnerability can be triggered remotely and has been publicly disclosed, wi...

CVE-2025-3802 Tenda W12/i24 httpd cgiPingSet stack-based overflow

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644. It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely...

CVE-2025-3785 D-Link DWR-M961 Authorization Interface formStaticDHCP stack-based overflow

A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formStaticDHCP of the component Authorization Interface. The manipulation of the argument Hostname leads to stack-based buffer overflow. The attack can ...

CVE-2025-3785

The CVE-2025-3785 entry concerns D-Link DWR-M961 (version 1.1.36) and affects the Authorization Interface component, specifically the /boafrm/formStaticDHCP file. The root cause is improper validation of the Hostname argument, causing a stack-based buffer overflow that can be triggered remotely. ...