CWE-562

6 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-562page 1 of 1

CVE-2020-21686MEDIUMCVSS 5.5EG 5.5
2023-08-22
A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file.
CVE-2021-21798HIGHCVSS 7.8EG 7.8
2021-09-15
An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing …
CVE-2022-41837CRITICALCVSS 9.8EG 9.8
2022-12-22
An out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially-crafted exif metadata can lead to stack-based memory corruption. An attacker can pro…
CVE-2024-33045HIGHCVSS 8.4EG 8.4
2024-09-02
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
CVE-2024-4418MEDIUMCVSS 6.2EG 6.2
2024-05-08
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in…
CVE-2026-3591MEDIUMCVSS 5.4EG 5.4
2026-03-25
A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly (mis)match an IP address. In a default…

Map vulnerabilities like CWE-562 to your infrastructure

EchelonGraph correlates every CVE — across CWE-562 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →