CWE-121— Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).— MITRE CWE catalog
3,266 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 45 of 66
- CVE-2025-26386HIGHCVSS 7.1EG 7.12026-01-28
Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior. Successful exploitation of this vulnerability could result in …
- CVE-2025-26506CRITICALCVSS 9.8EG 9.82025-02-14
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
- CVE-2025-26507CRITICALCVSS 9.8EG 9.82025-02-14
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
- CVE-2025-26595HIGHCVSS 7.8EG 7.82025-02-25
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffe…
- CVE-2025-26688HIGHCVSS 7.8EG 7.82025-04-08
Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.
- CVE-2025-27151MEDIUMCVSS 4.7EG 4.72025-05-29
Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before 8.0.2, a stack-based buffer overflow exists in redis-check-aof due to the use of memcpy with strlen(filepath) when copying a user-…
- CVE-2025-27168HIGHCVSS 7.8EG 7.82025-03-11
Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact…
- CVE-2025-27481HIGHCVSS 8.8EG 8.82025-04-08
Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
- CVE-2025-28026HIGHCVSS 7.3EG 7.32025-04-22
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi.
- CVE-2025-28027HIGHCVSS 7.3EG 7.32025-04-22
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 was found to contain a buffer overflow vulnerability in downloadFile.cgi.
- CVE-2025-28029HIGHCVSS 7.3EG 7.32025-04-22
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in cstecgi.cgi
- CVE-2025-28030HIGHCVSS 8.8EG 8.82025-04-22
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function.
- CVE-2025-28032HIGHCVSS 7.3EG 7.32025-04-22
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulne…
- CVE-2025-28033HIGHCVSS 7.3EG 7.32025-04-22
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer …
- CVE-2025-28135HIGHCVSS 7.5EG 7.52025-03-27
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi.
- CVE-2025-28136MEDIUMCVSS 6.5EG 6.52025-04-15
TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi.
- CVE-2025-28144MEDIUMCVSS 6.5EG 6.52025-04-15
Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a stack overflow vlunerability via peerPin parameter in the formWsc function.
- CVE-2025-28343HIGHCVSS 7.5EG 7.52026-05-13
striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function ThreadReadButtons.
- CVE-2025-28344HIGHCVSS 7.5EG 7.52026-05-13
striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack.
- CVE-2025-2837HIGHCVSS 8.8EG 8.82025-03-26
Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS.…
- CVE-2025-29100CRITICALCVSS 9.8EG 9.82025-03-24
Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the parameter list.
- CVE-2025-29101HIGHCVSS 7.5EG 7.52025-03-20
Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info function.
- CVE-2025-29118MEDIUMCVSS 6.5EG 5.52025-03-19
Tenda AC8 V16.03.34.06 was discovered to contain a stack overflow via the src parameter in the function sub_47D878.
- CVE-2025-29121HIGHCVSS 7.5EG 7.52025-03-20
A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow.
- CVE-2025-29135CRITICALCVSS 9.8EG 9.82025-03-24
A stack-based buffer overflow vulnerability in Tenda AC7 V15.03.06.44 allows a remote attacker to execute arbitrary code through a stack overflow attack using the security parameter of the formWifiBasicSet function.
- CVE-2025-29149HIGHCVSS 7.5EG 7.52025-03-20
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.
- CVE-2025-29214HIGHCVSS 7.5EG 7.52025-03-20
Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_42F69C function at /goform/setMacFilterCfg.
- CVE-2025-29215MEDIUMCVSS 6.5EG 6.52025-03-20
Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_43fdcc function at /goform/SetNetControlList.
- CVE-2025-29217MEDIUMCVSS 6.5EG 6.52025-03-20
Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiSSID parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- CVE-2025-29218MEDIUMCVSS 6.5EG 6.52025-03-20
Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiPwd parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- CVE-2025-29364MEDIUMCVSS 6.5EG 6.52025-08-28
spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READ_SYSCALL and WRITE_SYSCALL system calls. The application verifies the legitimacy of the starting and ending addresses for memory read/write operations. By co…
- CVE-2025-29387HIGHCVSS 7.1EG 7.12025-03-14
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
- CVE-2025-29840HIGHCVSS 8.8EG 8.82025-05-13
Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
- CVE-2025-29951HIGHCVSS 7.3EG 7.32026-02-10
A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution.
- CVE-2025-29988MEDIUMCVSS 6.9EG 6.92025-04-09
Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.
- CVE-2025-3007MEDIUMCVSS 5.5EG 5.52025-03-31
A vulnerability was found in Novastar CX40 up to 2.44.0. It has been rated as critical. This issue affects the function getopt of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation of the argument cmd/net…
- CVE-2025-30265MEDIUMCVSS 6.5EG 6.52025-08-29
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fi…
- CVE-2025-30298HIGHCVSS 7.8EG 7.82025-04-08
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user int…
- CVE-2025-30421HIGHCVSS 7.8EG 7.82025-05-15
There is a memory corruption vulnerability due to a stack-based buffer overflow in DrObjectStorage::XML_Serialize() when using the SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitr…
- CVE-2025-30472CRITICALCVSS 9.0EG 9.02025-03-22
Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.
- CVE-2025-3161HIGHCVSS 8.8EG 8.82025-04-03
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. …
- CVE-2025-3166MEDIUMCVSS 5.3EG 5.32025-04-03
A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function search_item of the component Search Product Menu. The manipulation of the argument target leads to sta…
- CVE-2025-3196MEDIUMCVSS 5.3EG 5.32025-04-04
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed …
- CVE-2025-32010HIGHCVSS 8.1EG 8.12025-08-20
A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger thi…
- CVE-2025-3203MEDIUMCVSS 4.3EG 4.32025-04-04
A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based …
- CVE-2025-32058CRITICALCVSS 9.3EG 9.32026-02-15
The Infotainment ECU manufactured by Bosch uses a RH850 module for CAN communication. RH850 is connected to infotainment over the INC interface through a custom protocol. There is a vulnerability during processing requests of this protocol…
- CVE-2025-32059HIGHCVSS 8.8EG 8.82026-02-15
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-ba…
- CVE-2025-32061HIGHCVSS 8.8EG 8.82026-02-15
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-ba…
- CVE-2025-32062HIGHCVSS 8.8EG 8.82026-02-15
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-ba…
- CVE-2025-32387MEDIUMCVSS 6.5EG 6.52025-04-09
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. …
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →