Vulnerabilities (CVE)

Filtered by CWE-121
Total 1710 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-33518 1 Arubanetworks 1 Arubaos 2025-07-25 N/A 5.3 MEDIUM
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.
CVE-2025-41687 2025-07-25 N/A 9.8 CRITICAL
An unauthenticated remote attacker may use a stack based buffer overflow in the u-link Management API to gain full access on the affected devices.
CVE-2025-8159 2025-07-25 9.0 HIGH 8.8 HIGH
A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. This issue affects the function formLanguageChange of the file /goform/formLanguageChange of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-7908 1 Dlink 2 Di-8100, Di-8100 Firmware 2025-07-25 9.0 HIGH 8.8 HIGH
A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file /ddns.asp?opt=add of the component jhttpd. The manipulation of the argument mx leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7909 1 Dlink 2 Dir-513, Dir-513 Firmware 2025-07-25 9.0 HIGH 8.8 HIGH
A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. Affected by this issue is the function sprintf of the file /goform/formLanSetupRouterSettings of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-7910 1 Dlink 2 Dir-513, Dir-513 Firmware 2025-07-25 9.0 HIGH 8.8 HIGH
A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function sprintf of the file /goform/formSetWanNonLogin of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2014-9190 1 Schneider-electric 1 Wonderware Intouch Access Anywhere Server 2025-07-24 10.0 HIGH N/A
Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist.
CVE-2024-21758 1 Fortinet 1 Fortiweb 2025-07-24 N/A 6.4 MEDIUM
A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections.
CVE-2024-46663 1 Fortinet 1 Fortimail 2025-07-24 N/A 6.7 MEDIUM
A stack-buffer overflow vulnerability [CWE-121] in Fortinet FortiMail CLI version 7.6.0 through 7.6.1 and before 7.4.3 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI commands.
CVE-2024-25176 1 Luajit 1 Luajit 2025-07-24 N/A 9.8 CRITICAL
LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.
CVE-2025-7762 1 Dlink 2 Di-8100, Di-8100 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7790 1 Dlink 2 Di-8100, Di-8100 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This affects an unknown part of the file /menu_nat.asp of the component HTTP Request Handler. The manipulation of the argument out_addr/in_addr/out_port/proto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7807 1 Tenda 2 Fh451, Fh451 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. This issue affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7806 1 Tenda 2 Fh451, Fh451 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7805 1 Tenda 2 Fh451, Fh451 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7796 1 Tenda 2 Fh451, Fh451 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability, which was classified as critical, was found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument Username leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7795 1 Tenda 2 Fh451, Fh451 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7794 1 Tenda 2 Fh451, Fh451 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7793 1 Tenda 2 Fh451, Fh451 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7792 1 Tenda 2 Fh451, Fh451 Firmware 2025-07-23 9.0 HIGH 8.8 HIGH
A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.