Search Results (3407 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-9560 3 Debian, Jasper Project, Redhat 9 Debian Linux, Jasper, Enterprise Linux and 6 more 2025-04-20 7.8 High
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
CVE-2015-7510 1 Systemd Project 1 Systemd 2025-04-20 N/A
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd.
CVE-2017-1000249 1 File Project 1 File 2025-04-20 N/A
An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 (Oct 2016) lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 (Aug 2017).
CVE-2015-4646 1 Squashfs Project 1 Squashfs 2025-04-20 7.5 High
(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input.
CVE-2016-10049 1 Imagemagick 1 Imagemagick 2025-04-20 7.8 High
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2024-29164 2 Hdfgroup, Redhat 2 Hdf5, Enterprise Linux Ai 2025-04-18 9.8 Critical
HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_heap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
CVE-2023-48264 1 Bosch 21 Nexo-os, Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\), Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) and 18 more 2025-04-17 8.1 High
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request.
CVE-2024-54808 1 Netgear 2 Wnr854t, Wnr854t Firmware 2025-04-17 9.8 Critical
Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution.
CVE-2024-54809 1 Netgear 2 Wnr854t, Wnr854t Firmware 2025-04-17 9.8 Critical
Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is determined based on the input specified. By sending a specially crafted packet, an attacker can take control of the program counter and hijack control flow of the program to execute arbitrary system commands.
CVE-2021-23138 1 We-con 1 Levistudiou 2025-04-16 7.8 High
WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.
CVE-2022-21137 1 Omron 1 Cx-one 2025-04-16 7.8 High
Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code.
CVE-2022-25170 1 Fatek 1 Fvdesigner 2025-04-16 7.8 High
The affected product is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code
CVE-2022-26419 1 Omron 1 Cx-position 2025-04-16 7.8 High
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code.
CVE-2022-21228 1 Fujielectric 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware 2025-04-16 7.8 High
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
CVE-2022-1888 1 Fujielectric 2 Alpha7 Pc Loader, Alpha7 Pc Loader Firmware 2025-04-16 7.8 High
Alpha7 PC Loader (All versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code.
CVE-2022-1405 1 Deltaww 1 Cncsoft 2025-04-16 7.8 High
CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition.
CVE-2022-2895 1 Measuresoft 1 Scadapro Server 2025-04-16 7.8 High
Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file.
CVE-2022-2896 1 Measuresoft 1 Scadapro Server 2025-04-16 7.8 High
Measuresoft ScadaPro Server (All Versions) allows use after free while processing a specific project file.
CVE-2021-32976 1 Moxa 8 Nport Iaw5150a-12i\/o, Nport Iaw5150a-12i\/o Firmware, Nport Iaw5150a-6i\/o and 5 more 2025-04-16 9.8 Critical
Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code.
CVE-2022-1068 1 Modbustools 1 Modbus Slave 2025-04-16 5.5 Medium
Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used.