CVE-2023-27914

A maliciously crafted XB file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the...

CVE-2023-39281

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase...

CVE-2023-26923

Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code...

CVE-2023-24549

A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in...

CVE-2022-41220

md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input...

CVE-2022-45957

ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7uZRDGR2A68 is vulnerable to remote stack buffer overflow...

CVE-2022-43236

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-25465

Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling...

CVE-2022-25044

Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...

CVE-2022-23850

xhtmltranslateentity in xhtml.c in epub2txt aka epub2txt2 through 2.02 allows a stack-based buffer overflow via a crafted EPUB document...

CVE-2022-40961

During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash. This issue only affects Firefox for Android. Other operating systems are not affected.. This vulnerability affects Firefox 105...

CVE-2022-36660

xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pcivtrndnotify...

CVE-2022-40784

Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406...

CVE-2022-32117

Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryxprintunhandledexception in /util/print.c...

CVE-2022-27255

In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data...

CVE-2022-43237

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2021-33270

D-Link DIR-809 devices with firmware through DIR-809AxFW1.12WWB0320190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN800462c4 in /formAdvFirewall. This vulnerability is triggered via a crafted POST request...

CVE-2021-33265

D-Link DIR-809 devices with firmware through DIR-809AxFW1.12WWB0320190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN80046eb4 in /formSetPortTr. This vulnerability is triggered via a crafted POST request...

CVE-2021-39558

An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function VectorGraphicOutputDev::drawGeneralImage located in VectorGraphicOutputDev.cc. It allows an attacker to cause code Execution...

CVE-2021-39306

A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security...