Vulnerabilities (CVE)

Filtered by CWE-121
Total 2786 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-44019 1 Tendacn 2 Ac10u, Ac10u Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.
CVE-2023-44018 1 Tendacn 2 Ac10u, Ac10u Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.
CVE-2023-44017 1 Tendacn 2 Ac10u, Ac10u Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
CVE-2023-44016 1 Tendacn 2 Ac10u, Ac10u Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
CVE-2023-44015 1 Tendacn 2 Ac10u, Ac10u Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function.
CVE-2023-44014 1 Tendacn 2 Ac10u, Ac10u Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters.
CVE-2023-44013 1 Tendacn 2 Ac10u, Ac10u Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function.
CVE-2023-43683 2026-06-17 N/A 6.5 MEDIUM
An issue was discovered in Malwarebytes 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). A Stack buffer out-of-bounds access exists because of an integer underflow when handling newline characters.
CVE-2023-43549 1 Qualcomm 278 Ar8035, Ar8035 Firmware, Csr8811 and 275 more 2026-06-17 N/A 8.4 HIGH
Memory corruption while processing TPC target power table in FTM TPC.
CVE-2023-43242 1 Dlink 2 Dir-816a2, Dir-816a2 Firmware 2026-06-17 N/A 9.8 CRITICAL
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel.
CVE-2023-43239 1 Dlink 2 Dir-816 A2, Dir-816 A2 Firmware 2026-06-17 N/A 9.8 CRITICAL
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.
CVE-2023-43238 1 Dlink 2 Dir-816 A2, Dir-816 A2 Firmware 2026-06-17 N/A 9.8 CRITICAL
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi.
CVE-2023-43237 1 Dlink 2 Dir-816 A2, Dir-816 A2 Firmware 2026-06-17 N/A 9.8 CRITICAL
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC.
CVE-2023-43236 1 Dlink 2 Dir-816 A2, Dir-816 A2 Firmware 2026-06-17 N/A 9.8 CRITICAL
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi.
CVE-2023-43203 1 Dlink 2 Dwl-6610ap, Dwl-6610ap Firmware 2026-06-17 N/A 9.8 CRITICAL
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a stack overflow vulnerability in the function update_users.
CVE-2023-42790 1 Fortinet 2 Fortios, Fortiproxy 2026-06-17 N/A 8.1 HIGH
A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
CVE-2023-42463 1 Wazuh 1 Wazuh 2026-06-17 N/A 7.4 HIGH
Wazuh is a free and open source platform used for threat prevention, detection, and response. This bug introduced a stack overflow hazard that could allow a local privilege escalation. This vulnerability was patched in version 4.5.3.
CVE-2023-42116 1 Exim 1 Exim 2026-06-17 N/A 9.8 CRITICAL
Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. . Was ZDI-CAN-17515.
CVE-2023-42069 1 Pdf-xchange 2 Pdf-tools, Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
PDF-XChange Editor PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21166.
CVE-2023-41280 1 Qnap 3 Qts, Quts Hero, Qutscloud 2026-06-17 N/A 5.5 MEDIUM
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later