Vulnerabilities (CVE)

Filtered by CWE-121
Total 2851 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-59365 2026-06-17 N/A N/A
A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.
CVE-2025-59362 1 Squid-cache 1 Squid 2026-06-17 N/A 4.0 MEDIUM
Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c.
CVE-2025-59251 1 Microsoft 1 Edge Chromium 2026-06-17 N/A 7.6 HIGH
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-59149 1 Oisf 1 Suricata 2026-06-17 N/A 6.2 MEDIUM
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms.
CVE-2025-58776 2026-06-17 N/A 7.8 HIGH
KV Studio versions 12.23 and prior contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
CVE-2025-58775 2026-06-17 N/A 7.8 HIGH
KV STUDIO and VT5-WX15/WX12 contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
CVE-2025-58413 1 Fortinet 2 Fortios, Fortisase 2026-06-17 N/A 7.5 HIGH
A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute unauthorized code or commands via specially crafted packets
CVE-2025-58319 1 Deltaww 1 Cncsoft-g2 2026-06-17 N/A 7.8 HIGH
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2025-58317 1 Deltaww 1 Cncsoft-g2 2026-06-17 N/A 7.8 HIGH
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2025-58301 1 Huawei 1 Harmonyos 2026-06-17 N/A 6.2 MEDIUM
Buffer overflow vulnerability in the device management module. Successful exploitation of this vulnerability may affect availability.
CVE-2025-58300 1 Huawei 1 Harmonyos 2026-06-17 N/A 6.2 MEDIUM
Buffer overflow vulnerability in the device management module. Successful exploitation of this vulnerability may affect availability.
CVE-2025-58298 1 Huawei 1 Harmonyos 2026-06-17 N/A 7.3 HIGH
Data processing error vulnerability in the package management module. Successful exploitation of this vulnerability may affect availability.
CVE-2025-58297 1 Huawei 1 Harmonyos 2026-06-17 N/A 5.9 MEDIUM
Buffer overflow vulnerability in the sensor service. Successful exploitation of this vulnerability may affect availability.
CVE-2025-58295 1 Huawei 1 Harmonyos 2026-06-17 N/A 5.9 MEDIUM
Buffer overflow vulnerability in the development framework module. Successful exploitation of this vulnerability may affect availability.
CVE-2025-57218 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 5.3 MEDIUM
Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C.
CVE-2025-57217 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 5.3 MEDIUM
Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler.
CVE-2025-57215 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info.
CVE-2025-57087 1 Tenda 2 W30e, W30e Firmware 2026-06-17 N/A 7.5 HIGH
Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the countryCode parameter in the werlessAdvancedSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57086 1 Tenda 2 W30e, W30e Firmware 2026-06-17 N/A 7.5 HIGH
Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the String parameter in the formDeleteMeshNode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57085 1 Tenda 2 W30e, W30e Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the v17 parameter in the UploadCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.