CWE-121— Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).— MITRE CWE catalog
3,263 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 31 of 66
- CVE-2024-2892HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffe…
- CVE-2024-28924MEDIUMCVSS 6.7EG 6.72024-04-09
Secure Boot Security Feature Bypass Vulnerability
- CVE-2024-28925HIGHCVSS 8.0EG 8.02024-04-09
Secure Boot Security Feature Bypass Vulnerability
- CVE-2024-28928HIGHCVSS 8.8EG 8.82024-07-09
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
- CVE-2024-2893HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buf…
- CVE-2024-28934HIGHCVSS 8.8EG 8.82024-04-09
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
- CVE-2024-2894HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. This affects the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overf…
- CVE-2024-2895HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. This vulnerability affects the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer…
- CVE-2024-2896HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. This issue affects the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overfl…
- CVE-2024-2898HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability classified as critical was found in Tenda AC7 15.03.06.44. Affected by this vulnerability is the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based …
- CVE-2024-2899HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability, which was classified as critical, has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads…
- CVE-2024-2900HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability, which was classified as critical, was found in Tenda AC7 15.03.06.44. This affects the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to …
- CVE-2024-2901HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based …
- CVE-2024-29012HIGHCVSS 7.5EG 7.52024-06-20
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.
- CVE-2024-2902HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to stack-based buffer …
- CVE-2024-2903HIGHCVSS 8.8EG 8.82024-03-26
A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffe…
- CVE-2024-29045HIGHCVSS 7.5EG 7.52024-04-09
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
- CVE-2024-29061HIGHCVSS 7.8EG 7.82024-04-09
Secure Boot Security Feature Bypass Vulnerability
- CVE-2024-29164CRITICALCVSS 9.8EG 9.82024-05-14
HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_heap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
- CVE-2024-29421MEDIUMCVSS 6.2EG 6.22024-05-22
xmedcon 0.23.0 and fixed in v.0.24.0 is vulnerable to Buffer Overflow via libs/dicom/basic.c which allows an attacker to execute arbitrary code.
- CVE-2024-29756CRITICALCVSS 9.8EG 9.82024-04-05
In afe_callback of q6afe.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2024-2976HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability was found in Tenda F1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to st…
- CVE-2024-2977HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability was found in Tenda F1203 2.0.1.6. It has been rated as critical. Affected by this issue is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buff…
- CVE-2024-2978HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability classified as critical has been found in Tenda F1203 2.0.1.6. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible …
- CVE-2024-2979HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability classified as critical was found in Tenda F1203 2.0.1.6. This vulnerability affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-ba…
- CVE-2024-2980HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14(408). This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based…
- CVE-2024-2981HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14(408). Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack…
- CVE-2024-2983HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability was found in Tenda FH1202 1.2.0.14(408) and classified as critical. Affected by this issue is the function formSetClientState of the file /goform/SetClientState. The manipulation of the argument deviceId/limitSpeed/limitSpe…
- CVE-2024-2984HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been classified as critical. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. …
- CVE-2024-2985HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been declared as critical. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack…
- CVE-2024-2986HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer…
- CVE-2024-2987HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer o…
- CVE-2024-2988HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability classified as critical was found in Tenda FH1203 2.0.1.6. Affected by this vulnerability is the function fromSetRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument entrys leads to stack-based b…
- CVE-2024-2989HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability, which was classified as critical, has been found in Tenda FH1203 2.0.1.6. Affected by this issue is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to sta…
- CVE-2024-2990HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. This affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow.…
- CVE-2024-2992HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability was found in Tenda FH1203 2.0.1.6 and classified as critical. This issue affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attac…
- CVE-2024-2993HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability was found in Tenda FH1203 2.0.1.6. It has been classified as critical. Affected is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overf…
- CVE-2024-2994HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability was found in Tenda FH1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads t…
- CVE-2024-3006HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromSetRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument entrys leads to stack-based buf…
- CVE-2024-3007HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7(775). This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack…
- CVE-2024-3008HIGHCVSS 8.8EG 8.82024-03-27
A vulnerability, which was classified as critical, was found in Tenda FH1205 2.0.0.7(775). Affected is the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overf…
- CVE-2024-30083HIGHCVSS 7.5EG 7.52024-06-11
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
- CVE-2024-3010HIGHCVSS 8.8EG 8.82024-03-28
A vulnerability was found in Tenda FH1205 2.0.0.7(775) and classified as critical. Affected by this issue is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflo…
- CVE-2024-3011HIGHCVSS 8.8EG 8.82024-03-28
A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer…
- CVE-2024-3012HIGHCVSS 8.8EG 8.82024-03-28
A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been declared as critical. This vulnerability affects the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to …
- CVE-2024-30166CRITICALCVSS 9.1EG 9.12024-04-03
In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.
- CVE-2024-30273HIGHCVSS 7.8EG 7.82024-04-11
Illustrator versions 28.3, 27.9.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio…
- CVE-2024-30289HIGHCVSS 7.8EG 7.82024-05-16
Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user int…
- CVE-2024-30293HIGHCVSS 7.8EG 7.82024-05-16
Animate versions 24.0.2, 23.0.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction …
- CVE-2024-30392HIGHCVSS 7.5EG 7.52024-04-12
A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS MX Series platforms with SPC3 a…
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →