13292 matches found
CVE-2025-1594
FFmpeg has a CVE-2025-1594 stack-based buffer overflow in the AAC Encoder (AACENC) via ff_aac_search_for_tns in libavcodec/aacenc_tns.c. It supports remote exploitation and the exploit has been disclosed publicly. Public advisories indicate affected software: FFmpeg up to 7.1. Debian has released...
CVE-2025-1594
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-1594 FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflow
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-1594 FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflow
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-1539
A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replacespecialchar of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2025-1539
A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replacespecialchar of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2025-1539 D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflow
A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replacespecialchar of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2025-1539
CVE-2025-1539 affects D-Link DAP-1320 (firmware 1.00). The vulnerability lies in the function replace_special_char in the file /storagein.pd-XXXXXX, causing a stack-based buffer overflow. Exploitation appears network-based and remote, with reports indicating public disclosure. Affected devices ar...
CVE-2025-25663
CVE-2025-25663 affects Tenda AC8V4 V16.03.34.06. The vulnerability is in the function SUB_0046AC38 of /goform/WifiExtraSet, where manipulating the argument wpapsk_crypto can cause a stack-based buffer overflow. The issue is described with potential for severe impact (as indicated by multiple sour...
CVE-2025-25663
A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow...
CVE-2025-24928
A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD...
libxml2 -- Stack-based Buffer Overflow
[email protected] reports: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...
CVE-2025-1366
A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this issue is the function strcpy of the component VirusPopUp. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been...
CVE-2025-1366 MicroWord eScan Antivirus VirusPopUp strcpy stack-based overflow
A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this issue is the function strcpy of the component VirusPopUp. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been...
CVE-2025-1366 MicroWord eScan Antivirus VirusPopUp strcpy stack-based overflow
A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this issue is the function strcpy of the component VirusPopUp. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been...
CVE-2025-1366
CVE-2025-1366 affects MicroWord eScan Antivirus 7.0.32 (Linux). The vulnerability is in the VirusPopUp component’s strcpy function, causing a stack-based buffer overflow . Exploitation requires local access; the exploit has been publicly disclosed and the vendor did not respond to disclosures. A ...
CVE-2025-1364
A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this vulnerability is the function passPrompt of the component USB Protection Service. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on...
CVE-2025-1364 MicroWord eScan Antivirus USB Protection Service passPrompt stack-based overflow
A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this vulnerability is the function passPrompt of the component USB Protection Service. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on...
CVE-2025-1364 MicroWord eScan Antivirus USB Protection Service passPrompt stack-based overflow
A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this vulnerability is the function passPrompt of the component USB Protection Service. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on...
CVE-2025-1340 TOTOLINK X18 cstecgi.cgi setPasswordCfg stack-based overflow
A vulnerability classified as critical has been found in TOTOLINK X18 9.1.0cu.2024B20220329. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation as part of String leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit...