Filtered by CWE-121
Total 2508 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-2630 2 Qemu, Redhat 2 Qemu, Enterprise Linux 2024-11-21 N/A
A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process.
CVE-2017-18206 3 Canonical, Redhat, Zsh 3 Ubuntu Linux, Enterprise Linux, Zsh 2024-11-21 N/A
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
CVE-2017-16751 1 Deltaww 1 Delta Industrial Automation Screen Editor 2024-11-21 N/A
A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dpb files may allow an attacker to remotely execute arbitrary code.
CVE-2017-16739 1 We-con 2 Levistudio Hmi Editor, Levistudio Hmi Editor Firmware 2024-11-21 N/A
An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. Specially-crafted malicious files may be able to cause stack-based buffer overflow vulnerabilities, which may allow remote code execution.
CVE-2017-16724 1 Advantech 1 Webaccess 2024-11-21 N/A
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack.
CVE-2017-15118 3 Canonical, Qemu, Redhat 4 Ubuntu Linux, Qemu, Enterprise Linux and 1 more 2024-11-21 N/A
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requires TLS, the attacker cannot trigger the buffer overflow without first successfully negotiating TLS.
CVE-2017-15101 2 Liblouis, Redhat 7 Liblouis, Enterprise Linux, Enterprise Linux Desktop and 4 more 2024-11-21 N/A
A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution.
CVE-2017-12194 1 Spice-gtk Project 1 Spice-gtk 2024-11-21 N/A
A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable.
CVE-2016-6563 1 Dlink 18 Dir-818l\(w\), Dir-818l\(w\) Firmware, Dir-822 and 15 more 2024-11-21 N/A
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
CVE-2016-5800 1 Fatek 2 Automation Fv Designer, Automation Pm Designer V3 2024-11-21 N/A
A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0.
CVE-2015-9542 3 Canonical, Debian, Freeradius 3 Ubuntu Linux, Debian Linux, Pam Radius 2024-11-21 7.5 High
add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an application (loading the pam_radius library) and crash it. Arbitrary code execution might be possible, depending on the application, C library, compiler, and other factors.
CVE-2015-1007 1 Opto22 4 Optodatalink, Optoopcserver, Pac Display and 1 more 2024-11-21 N/A
A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution on Opto 22 PAC Project Professional versions prior to R9.4008, PAC Project Basic versions prior to R9.4008, PAC Display Basic versions prior to R9.4g, PAC Display Professional versions prior to R9.4g, OptoOPCServer version R9.4c and prior that were installed by PAC Project installer, versions prior to R9.4008, and OptoDataLink version R9.4d and prior that were installed by PAC Project installer, versions prior to R9.4008. Opto 22 suggests upgrading to the new product version as soon as possible.
CVE-2015-1006 1 Opto22 4 Optodatalink, Optoopcserver, Pac Display and 1 more 2024-11-21 N/A
A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versions prior to R9.4f, OptoOPCServer versions prior to R9.4c, and OptoDataLink version R9.4d and prior versions that were installed by PAC Project installer, versions prior to R9.4006, is susceptible to a heap-based buffer overflow condition that may allow remote code execution on the target system. Opto 22 suggests upgrading to the new product version as soon as possible.
CVE-2014-9189 1 Honeywell 1 Experion Process Knowledge System 2024-11-21 N/A
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
CVE-2014-8184 2 Liblouis, Redhat 2 Liblouis, Enterprise Linux 2024-11-21 7.8 High
A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened.
CVE-2014-10071 3 Canonical, Redhat, Zsh 3 Ubuntu Linux, Enterprise Linux, Zsh 2024-11-21 N/A
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
CVE-2013-7490 2 Canonical, Perl 2 Ubuntu Linux, Dbi 2024-11-21 5.3 Medium
An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.
CVE-2013-4357 5 Canonical, Debian, Eglibc and 2 more 5 Ubuntu Linux, Debian Linux, Eglibc and 2 more 2024-11-21 7.5 High
The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.
CVE-2011-3630 3 Debian, Hardlink Project, Redhat 3 Debian Linux, Hardlink, Enterprise Linux 2024-11-21 8.8 High
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.
CVE-2024-11248 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-19 8.8 High
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.