Vulnerabilities (CVE)

Filtered by CWE-121
Total 2789 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-34195 1 Totolink 2 A3002r, A3002r Firmware 2026-06-17 N/A 9.8 CRITICAL
TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversight leads to potential buffer overflow under specific circumstances. For instance, by invoking the formWlanRedirect function with specific parameters to alter wlan_idx's value and subsequently invoking the formWlEncrypt function, an attacker can trigger buffer overflow, enabling arbitrary command execution or denial of service attacks.
CVE-2024-34171 1 Fujielectric 1 Monitouch V-sft 2026-06-17 N/A 7.8 HIGH
Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code.
CVE-2024-34087 2026-06-17 N/A 9.8 CRITICAL
An SEH-based buffer overflow in the BPQ32 HTTP Server in BPQ32 6.0.24.1 allows remote attackers with access to the Web Terminal to achieve remote code execution via an HTTP POST /TermInput request.
CVE-2024-34085 1 Siemens 2 Jt2go, Teamcenter Visualization 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10), Teamcenter Visualization V14.3 (All versions < V14.3.0.7), Teamcenter Visualization V2312 (All versions < V2312.0001). The affected applications contain a stack overflow vulnerability while parsing specially crafted XML files. This could allow an attacker to execute code in the context of the current process.
CVE-2024-34026 1 Openplcproject 1 Openplc V3 Firmware 2026-06-17 N/A 9.0 CRITICAL
A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.
CVE-2024-34020 2026-06-17 N/A 6.5 MEDIUM
A stack-based buffer overflow was found in the putSDN() function of mail.c in hcode through 2.1.
CVE-2024-33835 1 Tenda 2 Ac18, Ac18 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function.
CVE-2024-33782 1 Csiro 1 Multi-protocol Spdz 2026-06-17 N/A 7.5 HIGH
MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function OTExtensionWithMatrix::extend in /OT/OTExtensionWithMatrix.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message.
CVE-2024-33772 1 Dlink 2 Dir-619l, Dir-619l Firmware 2026-06-17 N/A 5.7 MEDIUM
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter "curTime."
CVE-2024-33599 3 Debian, Gnu, Netapp 13 Debian Linux, Glibc, H300s and 10 more 2026-06-17 N/A 8.1 HIGH
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
CVE-2024-33577 1 Siemens 2 Simcenter Femap, Simcenter Nastran 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain a stack overflow vulnerability while parsing specially strings as argument for one of the application binaries. This could allow an attacker to execute code in the context of the current process.
CVE-2024-33518 1 Arubanetworks 1 Arubaos 2026-06-17 N/A 5.3 MEDIUM
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.
CVE-2024-33517 1 Arubanetworks 1 Arubaos 2026-06-17 N/A 5.3 MEDIUM
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.
CVE-2024-33516 1 Arubanetworks 1 Arubaos 2026-06-17 N/A 5.3 MEDIUM
An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller.
CVE-2024-33515 1 Arubanetworks 1 Arubaos 2026-06-17 N/A 5.3 MEDIUM
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service.
CVE-2024-33514 1 Arubanetworks 1 Arubaos 2026-06-17 N/A 5.3 MEDIUM
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service.
CVE-2024-33513 1 Arubanetworks 1 Arubaos 2026-06-17 N/A 5.9 MEDIUM
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service.
CVE-2024-33512 2026-06-17 N/A 9.8 CRITICAL
There is a buffer overflow vulnerability in the underlying Local User Authentication Database service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2024-33511 2026-06-17 N/A 9.8 CRITICAL
There is a buffer overflow vulnerability in the underlying Automatic Reporting service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2024-33217 1 Tenda 2 Fh1206, Fh1206 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter in ip/goform/addressNat.