Vulnerabilities (CVE)

Filtered by CWE-121
Total 2788 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-27568 1 Libtor 2 Lbt-t300-t390, Lbt-t300-t390 Firmware 2026-06-17 N/A 6.5 MEDIUM
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the apn_name_3g parameter in the setupEC20Apn function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-27567 1 Libtor 2 Lbt-t300-t390, Lbt-t300-t390 Firmware 2026-06-17 N/A 6.5 MEDIUM
LBT T300- T390 v2.2.1.8 were discovered to contain a stack overflow via the vpn_client_ip parameter in the config_vpn_pptp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-27459 1 Openvpn 1 Openvpn 2026-06-17 N/A 7.8 HIGH
The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges.
CVE-2024-27337 1 Tungstenautomation 1 Power Pdf 2026-06-17 N/A 7.8 HIGH
Kofax Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22033.
CVE-2024-27130 1 Qnap 2 Qts, Quts Hero 2026-06-17 N/A 7.2 HIGH
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
CVE-2024-27129 1 Qnap 2 Qts, Quts Hero 2026-06-17 N/A 6.4 MEDIUM
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
CVE-2024-27128 1 Qnap 2 Qts, Quts Hero 2026-06-17 N/A 6.4 MEDIUM
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
CVE-2024-26305 2026-06-17 N/A 9.8 CRITICAL
There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2024-26304 2026-06-17 N/A 9.8 CRITICAL
There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2024-26180 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2026-06-17 N/A 8.0 HIGH
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26010 1 Fortinet 4 Fortios, Fortipam, Fortiproxy and 1 more 2026-06-17 N/A 7.5 HIGH
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.
CVE-2024-25756 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 8.0 HIGH
A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formWifiBasicSet function.
CVE-2024-25753 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 8.8 HIGH
Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formSetDeviceName function.
CVE-2024-25751 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 9.8 CRITICAL
A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetSysTime function.
CVE-2024-25748 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 8.8 HIGH
A Stack Based Buffer Overflow vulnerability in tenda AC9 AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetIpMacBind function.
CVE-2024-25746 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 8.8 HIGH
Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the add_white_node function.
CVE-2024-25393 1 Rt-thread 1 Rt-thread 2026-06-17 N/A 9.8 CRITICAL
A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2.
CVE-2024-25391 1 Rt-thread 1 Rt-thread 2026-06-17 N/A 8.4 HIGH
A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2.
CVE-2024-25331 2026-06-17 N/A 9.3 CRITICAL
DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution (RCE) vulnerability elevated from HNAP Stack-Based Buffer Overflow.
CVE-2024-25176 1 Luajit 1 Luajit 2026-06-17 N/A 9.8 CRITICAL
LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.