Vulnerabilities (CVE)

Filtered by CWE-121
Total 2789 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-35387 1 Totolink 2 Lr350, Lr350 Firmware 2026-06-17 N/A 9.8 CRITICAL
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
CVE-2024-35333 2026-06-17 N/A 8.4 HIGH
A stack-buffer-overflow vulnerability exists in the read_charset_decl function of html2xhtml 1.3. This vulnerability occurs due to improper bounds checking when copying data into a fixed-size stack buffer. An attacker can exploit this vulnerability by providing a specially crafted input to the vulnerable function, causing a buffer overflow and potentially leading to arbitrary code execution, denial of service, or data corruption.
CVE-2024-35279 1 Fortinet 1 Fortios 2026-06-17 N/A 8.1 HIGH
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets through the CAPWAP control, provided the attacker were able to evade FortiOS stack protections and provided the fabric service is running on the exposed interface.
CVE-2024-35276 1 Fortinet 4 Fortianalyzer, Fortianalyzer Cloud, Fortimanager and 1 more 2026-06-17 N/A 5.6 MEDIUM
A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7 allows attacker to execute unauthorized code or commands via specially crafted packets.
CVE-2024-34946 1 Tenda 2 Fh1206, Fh1206 Firmware 2026-06-17 N/A 6.5 MEDIUM
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.
CVE-2024-34944 1 Tenda 2 Fh1206, Fh1206 Firmware 2026-06-17 N/A 8.8 HIGH
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.
CVE-2024-34943 1 Tenda 2 Fh1206, Fh1206 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting.
CVE-2024-34942 1 Tenda 2 Fh1206, Fh1206 Firmware 2026-06-17 N/A 8.8 HIGH
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand.
CVE-2024-34773 1 Siemens 1 Solid Edge Se2024 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 2). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
CVE-2024-34579 2026-06-17 N/A 7.8 HIGH
Fuji Electric Alpha5 SMART is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
CVE-2024-34308 1 Totolink 2 Lr350, Lr350 Firmware 2026-06-17 N/A 8.8 HIGH
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the function urldecode.
CVE-2024-34217 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-17 N/A 7.7 HIGH
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function.
CVE-2024-34215 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-17 N/A 7.3 HIGH
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function.
CVE-2024-34213 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-17 N/A 9.8 CRITICAL
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function.
CVE-2024-34212 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-17 N/A 7.3 HIGH
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function.
CVE-2024-34209 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-17 N/A 9.8 CRITICAL
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function.
CVE-2024-34207 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-17 N/A 8.8 HIGH
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function.
CVE-2024-34203 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-17 N/A 3.8 LOW
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function.
CVE-2024-34202 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-17 N/A 6.5 MEDIUM
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function.
CVE-2024-34201 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-17 N/A 7.3 HIGH
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the getSaveConfig function.