Total
3140 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36997 | 1 Dummysoftware | 1 Backlinkspeed | 2026-01-30 | 9.8 Critical |
| BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler (SEH) chain through malicious file import. Attackers can craft a specially designed payload file to overwrite SEH addresses, potentially executing arbitrary code and gaining control of the application. | ||||
| CVE-2026-21224 | 1 Microsoft | 1 Azure Connected Machine Agent | 2026-01-30 | 7.8 High |
| Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2021-47789 | 1 Yenkee | 3 Hornet Gaming Mouse, Yms 3029, Yms 3029 Firmware | 2026-01-30 | 7.5 High |
| Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoControl to trigger a kernel-level system crash. | ||||
| CVE-2026-22262 | 1 Oisf | 1 Suricata | 2026-01-29 | 5.9 Medium |
| Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prepare the data. Prior to versions 8.0.3 and 7.0.14, if the data in the dataset is too large, this can result in a stack overflow. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not use rules with datasets `save` nor `state` options. | ||||
| CVE-2020-36967 | 1 Zortam | 1 Mp3 Media Studio | 2026-01-29 | 9.8 Critical |
| Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler (SEH) overwrite and execute arbitrary commands on the target system. | ||||
| CVE-2020-36965 | 1 Verypdf | 1 Docprint Pro | 2026-01-29 | 8.4 High |
| docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload that triggers a structured exception handler (SEH) overwrite to execute shellcode and gain remote system access. | ||||
| CVE-2020-36961 | 1 10-strike | 1 Network Inventory Explorer | 2026-01-29 | 9.8 Critical |
| 10-Strike Network Inventory Explorer 8.65 contains a buffer overflow vulnerability in exception handling that allows remote attackers to execute arbitrary code. Attackers can craft a malicious file with 209 bytes of padding and a specially constructed Structured Exception Handler to trigger code execution. | ||||
| CVE-2026-24881 | 1 Gnupg | 1 Gnupg | 2026-01-29 | 8.1 High |
| In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that could lead to remote code execution. | ||||
| CVE-2025-26386 | 1 Johnsoncontrols | 1 Istar Configuration Utility | 2026-01-29 | N/A |
| Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior. Successful exploitation of this vulnerability could result in failure within the operating system of the machine hosting the ICU tool. | ||||
| CVE-2026-24882 | 1 Gnupg | 1 Gnupg | 2026-01-29 | 8.4 High |
| In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys. | ||||
| CVE-2025-55095 | 1 Eclipse | 2 Threadx Usbx, Usbx | 2026-01-29 | 4.2 Medium |
| The function _ux_host_class_storage_media_mount() is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in _ux_host_class_storage_partition_read(), which parses up to four partition entries. If an extended partition is found (with type UX_HOST_CLASS_STORAGE_PARTITION_EXTENDED or EXTENDED_LBA_MAPPED), the code invokes: _ux_host_class_storage_media_mount(storage, sector + _ux_utility_long_get(...)); There is no limit on the recursion depth or tracking of visited sectors. As a result, a malicious or malformed disk image can include cyclic or excessively deep chains of extended partitions, causing the function to recurse until stack overflow occurs. | ||||
| CVE-2020-36971 | 1 Nidesoft | 1 3gp Video Converter | 2026-01-29 | 8.4 High |
| Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system. | ||||
| CVE-2025-65805 | 1 Openairinterface | 2 Cn5g Amf, Oai-cn5g-amf | 2026-01-29 | 7.5 High |
| OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending an imsi string longer than 1000 to AMF. | ||||
| CVE-2026-1361 | 1 Delta Electronics | 1 Asdasoft | 2026-01-27 | 7.8 High |
| ASDA-Soft Stack-based Buffer Overflow Vulnerability | ||||
| CVE-2025-9820 | 1 Redhat | 2 Enterprise Linux, Openshift | 2026-01-27 | 4 Medium |
| A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks. | ||||
| CVE-2026-1425 | 1 Pymumu | 1 Smartdns | 2026-01-27 | 5.6 Medium |
| A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function _dns_decode_rr_head/_dns_decode_SVCB_HTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The patch is identified as 2d57c4b4e1add9b4537aeb403f794a084727e1c8. Applying a patch is advised to resolve this issue. | ||||
| CVE-2025-70651 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-01-26 | 7.5 High |
| Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-70648 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-01-26 | 7.5 High |
| Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_727F4 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-70646 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-01-26 | 7.5 High |
| Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_72290 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-71020 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-26 | 7.5 High |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_4C408 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||