Total
2103 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-21903 | 1 Juniper | 1 Junos | 2026-01-23 | N/A | 6.5 MEDIUM |
| A Stack-based Buffer Overflow vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a network-based attacker, authenticated with low privileges to cause a Denial-of-Service (DoS). Subscribing to telemetry sensors at scale causes all FPC connections to drop, resulting in an FPC crash and restart. The issue was not seen when YANG packages for the specific sensors were installed. This issue affects Junos OS: * all versions before 22.4R3-S7, * 23.2 version before 23.2R2-S4, * 23.4 versions before 23.4R2. | |||||
| CVE-2025-70304 | 1 Gpac | 1 Gpac | 2026-01-23 | N/A | 7.5 HIGH |
| A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet. | |||||
| CVE-2025-70305 | 1 Gpac | 1 Gpac | 2026-01-23 | N/A | 5.5 MEDIUM |
| A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file. | |||||
| CVE-2025-70309 | 1 Gpac | 1 Gpac | 2026-01-23 | N/A | 5.5 MEDIUM |
| A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted WAV file. | |||||
| CVE-2024-36600 | 1 Gnu | 1 Libcdio | 2026-01-22 | N/A | 8.4 HIGH |
| Buffer Overflow Vulnerability in libcdio 2.2.0 (fixed in 2.3.0) allows an attacker to execute arbitrary code via a crafted ISO 9660 image file. | |||||
| CVE-2025-66176 | 1 Hikvision | 56 Ds-k1t105a, Ds-k1t105a Firmware, Ds-k1t201a and 53 more | 2026-01-22 | N/A | 8.8 HIGH |
| There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device. | |||||
| CVE-2025-68622 | 1 Espressif | 1 Usb Host Uvc Class Driver | 2026-01-22 | N/A | 6.8 MEDIUM |
| Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class (UVC) device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC configuration-descriptor printing is enabled, the host prints detailed descriptor information provided by the connected USB device. A specially crafted UVC descriptor may advertise an excessively large length. Because this value is not validated before being copied into a fixed-size stack buffer, an attacker can overflow the buffer and corrupt memory. This vulnerability is fixed in 2.4.0. | |||||
| CVE-2026-22213 | 1 Riot-os | 1 Riot | 2026-01-21 | N/A | 9.8 CRITICAL |
| RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen() function, which constructs a device path using unbounded user-controlled input. The utility uses strcpy() and strcat() to concatenate the fixed prefix '/dev/' with a user-supplied device name provided via the -s command-line option without bounds checking. This allows an attacker to supply an excessively long device name and overflow a fixed-size stack buffer, leading to process crashes and memory corruption. | |||||
| CVE-2026-22214 | 1 Riot-os | 1 Riot | 2026-01-21 | N/A | 9.8 CRITICAL |
| RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the _handle_char() function, where incoming frame bytes are appended to a fixed-size stack buffer without verifying that the current write index remains within bounds. An attacker capable of sending crafted serial or TCP-framed input can cause the current write index to exceed the buffer size, resulting in a write past the end of the stack buffer. This condition leads to memory corruption and application crash. | |||||
| CVE-2024-57440 | 1 Dlink | 2 Dsl-3788, Dsl-3788 Firmware | 2026-01-20 | N/A | 7.5 HIGH |
| D-Link DSL-3788 revA1 1.01R1B036_EU_EN is vulnerable to Buffer Overflow via the COMM_MAKECustomMsg function of the webproc cgi | |||||
| CVE-2025-71023 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-01-20 | N/A | 7.5 HIGH |
| Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-70747 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serviceName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-71021 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serverName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-70744 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the cloneType parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-71019 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the wanSpeed parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-70656 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-20 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the mac parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-14423 | 1 Gimp | 1 Gimp | 2026-01-20 | N/A | 7.8 HIGH |
| GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LBM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28311. | |||||
| CVE-2025-43025 | 1 Hp | 1 Universal Print Driver | 2026-01-20 | N/A | 7.5 HIGH |
| HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.). | |||||
| CVE-2025-70753 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2026-01-16 | N/A | 7.5 HIGH |
| Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_4CA50 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-71024 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-01-16 | N/A | 7.5 HIGH |
| Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||