Vulnerabilities (CVE)

Filtered by CWE-121
Total 2789 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-32299 1 Tenda 2 Fh1203, Fh1203 Firmware 2026-06-17 N/A 8.8 HIGH
Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function.
CVE-2024-32293 1 Tenda 2 W30e, W30e Firmware 2026-06-17 N/A 8.0 HIGH
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromDhcpListClient function.
CVE-2024-32291 1 Tenda 2 W30e, W30e Firmware 2026-06-17 N/A 7.5 HIGH
Tenda W30E v1.0 firmware v1.0.1.25(633) has a stack overflow vulnerability via the page parameter in the fromNatlimit function.
CVE-2024-32290 1 Tenda 2 W30e, W30e Firmware 2026-06-17 N/A 6.7 MEDIUM
Tenda W30E v1.0 v1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromAddressNat function.
CVE-2024-32288 1 Tenda 2 W30e, W30e Firmware 2026-06-17 N/A 6.3 MEDIUM
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromwebExcptypemanFilter function.
CVE-2024-32287 1 Tenda 2 W30e, W30e Firmware 2026-06-17 N/A 6.5 MEDIUM
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the qos parameter in the fromqossetting function.
CVE-2024-32285 1 Tenda 2 W30e, W30e Firmware 2026-06-17 N/A 8.0 HIGH
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the password parameter in the formaddUserName function.
CVE-2024-32228 1 Ffmpeg 1 Ffmpeg 2026-06-17 N/A 6.6 MEDIUM
FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in hevc_frame_end.
CVE-2024-31803 2026-06-17 N/A 6.2 MEDIUM
Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attacker to execute arbitrary code via the FerretCOT<T>::read_pre_data128_from_file function.
CVE-2024-31570 1 Freeimage Project 1 Freeimage 2026-06-17 N/A 9.8 CRITICAL
libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file.
CVE-2024-31504 1 Embedded-solutions 1 Freemodbus 2026-06-17 N/A 7.5 HIGH
Buffer Overflow vulnerability in SILA Embedded Solutions GmbH freemodbus v.2018-09-12 allows a remtoe attacker to cause a denial of service via the LINUXTCP server component.
CVE-2024-31496 1 Fortinet 3 Fortianalyzer, Fortianalyzer Big Data, Fortimanager 2026-06-17 N/A 6.7 MEDIUM
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.
CVE-2024-31470 2 Arubanetworks, Hp 2 Arubaos, Instantos 2026-06-17 N/A 9.8 CRITICAL
There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2024-31469 2 Arubanetworks, Hp 2 Arubaos, Instantos 2026-06-17 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2024-31468 2 Arubanetworks, Hp 2 Arubaos, Instantos 2026-06-17 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2024-31467 2 Arubanetworks, Hp 2 Arubaos, Instantos 2026-06-17 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2024-31466 2 Arubanetworks, Hp 2 Arubaos, Instantos 2026-06-17 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2024-31449 1 Redis 1 Redis 2026-06-17 N/A 7.0 HIGH
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-31203 1 Proges 1 Thermoscan Ip 2026-06-17 N/A 3.3 LOW
A “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service (DoS) condition on the target component.
CVE-2024-31163 2026-06-17 N/A 7.2 HIGH
ASUS Download Master has a buffer overflow vulnerability. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the device.