CVE-2025-41730

An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkaccount function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...

Linksys E1200 Router Firmware <= 2.0.11.001 Multiple Vulnerabilities

Linksys E1200 routers are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2025-13654

The CVE-2025-13654 issue affects the duc tool (disk usage analyzer). The vulnerability is a stack/underflow in buffer_get that can trigger an out-of-bounds read. OpenSUSE/SUSE and Fedora advisories indicate the fix is in version 1.4.6 of duc (update to 1.4.6). Descriptions confirm the root cause ...

CVE-2025-13654 CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

ABB Terra AC wallbox 安全漏洞

The ABB Terra AC wallbox is ABB's superior EV home charger, offering high value quality, future-proof flexibility, and advanced security and protection. A security vulnerability exists in ABB Terra AC wallbox version 1.8.33 and earlier, which originates from a stack buffer overflow...

CVE-2025-12970

The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...

EUVD-2025-199585

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...

CVE-2025-59365

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...

RockyLinux 9 : gimp (RLSA-2025:21968)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21968 advisory. gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10922 gimp: GIMP ICNS File Parsing Out-Of-Bounds Wri...

Tenda AC21 安全漏洞

Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...

CVE-2025-8727 A stack buffer overflow vulnerability exists in the Supermicro BMC Web function(SSL).

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...

EUVD-2025-197956

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53680)

ipvs: vulnerability causes undefined behavior due to uninitialized stack access in ipvsprotocolinit, which is fixed by zeroing the on-stack buffer to prevent out-of-bound accesses. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...

Linksys E1200 Stack Buffer Overflow Vulnerability

The Linksys E1200 is a router from Linksys USA. The Linksys E1200 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to cause the execution of arbitrary code or a denial of service...

Supermicro BMC 安全漏洞

The SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in the Supermicro BMC Shared library that originates from a stack buffer overflow and could lead to arbitrary code execution...

Supermicro BMC Firmware 安全漏洞

Supermicro BMC Firmware is a system firmware from Supermicro Corporation USA. A security vulnerability exists in Supermicro BMC Firmware that originates from a stack buffer overflow in the BMC Web function that could lead to arbitrary code execution...

EUVD-2025-175334

A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The applycgi and blockcgi functions copy user-supplied input from the "url" CGI parameter into stack buffers v36, v29 using sprintf without bounds checking. Because these buffe...

CVE-2025-60691

A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The applycgi and blockcgi functions copy user-supplied input from the "url" CGI parameter into stack buffers v36, v29 using sprintf without bounds checking. Because these buffe...

CVE-2025-60686

A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers A720R V4.1.5cu.614B20230630, LR1200GB V9.1.0u.6619B20230130, and NR1800X V9.1.0u.6681B20230703. Both programs parse the contents of /proc/net/arp using sscanf with "%s" format...

CVE-2025-60685

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary sub401EE0 function. The binary reads the /proc/stat file using fgets into a local buffer and subsequently parses the line using sscanf into a single-byte variable with the %s forma...