CWE-121— Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).— MITRE CWE catalog
3,266 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 54 of 66
- CVE-2025-6486HIGHCVSS 8.8EG 8.82025-06-22
A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been declared as critical. This vulnerability affects the function formWlanMultipleAP of the file /boafrm/formWlanMultipleAP. The manipulation of the argument submit…
- CVE-2025-6487HIGHCVSS 8.8EG 8.82025-06-22
A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been rated as critical. This issue affects the function formRoute of the file /boafrm/formRoute. The manipulation of the argument subnet leads to stack-based buffer …
- CVE-2025-6510HIGHCVSS 8.8EG 8.82025-06-23
A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated as critical. Affected by this issue is the function sub_415EF8. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The…
- CVE-2025-6511HIGHCVSS 8.8EG 8.82025-06-23
A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.46_1.0.76. This affects the function sub_410090. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The explo…
- CVE-2025-65220MEDIUMCVSS 4.3EG 4.32025-11-20
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow in: /goform/SetVirtualServerCfg via the list parameter.
- CVE-2025-65221MEDIUMCVSS 4.3EG 4.32025-11-20
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the list parameter of /goform/setPptpUserList.
- CVE-2025-65222MEDIUMCVSS 4.3EG 4.32025-11-20
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the rebootTime parameter of /goform/SetSysAutoRebbotCfg.
- CVE-2025-65223MEDIUMCVSS 4.3EG 4.32025-11-20
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParentControlInfo.
- CVE-2025-65410MEDIUMCVSS 6.2EG 6.22025-12-23
A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.
- CVE-2025-6565HIGHCVSS 8.8EG 8.82025-06-24
A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer over…
- CVE-2025-6566HIGHCVSS 7.5EG 5.32025-06-24
A vulnerability was found in oatpp Oat++ up to 1.3.1. It has been declared as critical. This vulnerability affects the function deserializeArray of the file src/oatpp/json/Deserializer.cpp. The manipulation leads to stack-based buffer over…
- CVE-2025-65804MEDIUMCVSS 6.5EG 6.52025-12-08
Tenda AX3 v16.03.12.11 contains a stack overflow in formSetIptv via the iptvType parameter, which can cause memory corruption and enable remote code execution (RCE).
- CVE-2025-65805HIGHCVSS 7.5EG 7.52026-01-07
OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending a…
- CVE-2025-66043CRITICALCVSS 9.8EG 9.82025-12-11
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious fil…
- CVE-2025-66044CRITICALCVSS 9.8EG 9.82025-12-11
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious fil…
- CVE-2025-66045CRITICALCVSS 9.8EG 9.82025-12-11
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious fil…
- CVE-2025-66046CRITICALCVSS 9.8EG 9.82025-12-11
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious fil…
- CVE-2025-66047CRITICALCVSS 9.8EG 9.82025-12-11
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious fil…
- CVE-2025-66048CRITICALCVSS 9.8EG 9.82025-12-11
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious fil…
- CVE-2025-6614HIGHCVSS 8.8EG 8.82025-06-25
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetWANType_Wizard5 of the file /goform/formSetWANType_Wizard5. The manipulation of the argument curTim…
- CVE-2025-6615HIGHCVSS 8.8EG 8.82025-06-25
A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWAN_wizard4 of the file /goform/formAutoDetecWAN_wizard4. The manipulation of the argument curTime leads to sta…
- CVE-2025-6616HIGHCVSS 8.8EG 8.82025-06-25
A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWAN_Wizard51 of the file /goform/formSetWAN_Wizard51. The manipulation of the argument curTime leads to st…
- CVE-2025-6617HIGHCVSS 8.8EG 8.82025-06-25
A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to stack-based buffer ov…
- CVE-2025-66176HIGHCVSS 8.8EG 8.82026-01-13
There is a Buffer overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending speci…
- CVE-2025-66177HIGHCVSS 8.8EG 8.82026-01-13
There is a Buffer overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specia…
- CVE-2025-66280HIGHCVSS 7.2EG 7.22026-06-10
An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of …
- CVE-2025-6663HIGHCVSS 7.8EG 7.82025-07-07
GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is req…
- CVE-2025-66635HIGHCVSS 7.2EG 7.22025-12-16
Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided…
- CVE-2025-66865HIGHCVSS 7.5EG 7.52025-12-29
An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.
- CVE-2025-66877HIGHCVSS 7.5EG 7.52025-12-29
Buffer overflow vulnerability in function dcputchar in decompile.c in libming 0.4.8.
- CVE-2025-67187CRITICALCVSS 9.8EG 9.82026-02-03
A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The flaw exists in the setIpQosRules interface of /lib/cste_modules/firewall.so where the comment parameter is not properly validated fo…
- CVE-2025-67432HIGHCVSS 7.5EG 7.52026-02-12
A stack overflow in the ZBarcode_Encode function of Monkeybread Software MBS DynaPDF Plugin v21.3.1.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-6752HIGHCVSS 8.8EG 8.82025-06-27
A vulnerability has been found in Linksys WRT1900ACS, EA7200, EA7450 and EA7500 up to 20250619 and classified as critical. This vulnerability affects the function SetDefaultConnectionService of the file /upnp/control/Layer3Forwarding of th…
- CVE-2025-6857HIGHCVSS 7.8EG 3.32025-06-29
A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5G__node_cmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. It is possible to …
- CVE-2025-68622MEDIUMCVSS 6.8EG 6.82026-01-12
Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class (UVC) device to trigger a stack buffer overflow …
- CVE-2025-68670CRITICALCVSS 9.1EG 9.12026-01-27
xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection seque…
- CVE-2025-68706CRITICALCVSS 9.8EG 9.82025-12-29
A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf() to copy the user-supplied pincode parameter into a fixed 132-by…
- CVE-2025-6886HIGHCVSS 8.8EG 8.82025-06-30
A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime …
- CVE-2025-6887HIGHCVSS 8.8EG 8.82025-06-30
A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buff…
- CVE-2025-69195HIGHCVSS 7.6EG 7.62026-01-09
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote …
- CVE-2025-69720HIGHCVSS 7.8EG 9.82026-03-19
The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.
- CVE-2025-69762CRITICALCVSS 9.8EG 9.82026-01-21
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution.
- CVE-2025-69763CRITICALCVSS 9.8EG 9.82026-01-21
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution.
- CVE-2025-69764CRITICALCVSS 9.8EG 9.82026-01-22
Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution.
- CVE-2025-69766CRITICALCVSS 9.8EG 9.82026-01-21
Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution.
- CVE-2025-70083HIGHCVSS 7.8EG 7.82026-02-11
An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as untrusted input. The program copies DirName into the local buffer DirWithSep using strcpy. The size …
- CVE-2025-70085CRITICALCVSS 9.8EG 9.82026-02-11
An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames (Source1Filename and the string returned by FileUtil_FileStateStr) into this buffer without an…
- CVE-2025-7019MEDIUMCVSS 5.5EG 5.52026-06-12
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast…
- CVE-2025-70304HIGHCVSS 7.5EG 7.52026-01-15
A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.
- CVE-2025-70305MEDIUMCVSS 5.5EG 5.52026-01-15
A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file.
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →