High
CVE-2022-37080
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the command parameter at setting/setTracerouteCfg.
Tag: Stack Overflow
All CVEs associated with "Stack Overflow". Page 11/15 • 1692 CVEs.
Subscribe CVEs: RSS for “Stack Overflow” · RSS (High+Critical only)
About “Stack Overflow”
A curated feed of “Stack Overflow”-related CVEs appears below. We currently track 1692 CVEs for this tag (all time). In the last 365 days, 200 were published. Average CVSS is 8.1 (all time; 7.2 over 365d), and 80% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-121 - Stack-based Buffer Overflow, CWE-674 - Uncontrolled Recursion, CWE-787 - Out-of-bounds Write.
In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2022-08-25
High
CVE-2022-37077
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the pppoeUser parameter.
High
CVE-2022-37075
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.
High
CVE-2022-37074
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set.
Critical
CVE-2022-37073
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanModeMulti.
Critical
CVE-2022-37072
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti.
Critical
CVE-2022-37071
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateOne2One.
Critical
CVE-2022-37069
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateSnat.
Critical
CVE-2022-37068
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateMacCloneFinal.
Critical
CVE-2022-37067
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanParamsMulti.
Critical
CVE-2022-37066
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateDDNS.
Critical
CVE-2022-36520
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function DEleteusergroup.
Critical
CVE-2022-36519
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function AddWlanMacList.
Critical
CVE-2022-36518
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditWlanMacList.
Critical
CVE-2022-36517
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function debug_wlan_advance.
Critical
CVE-2022-36516
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function ap_version_check.
Critical
CVE-2022-36515
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function addactionlist.
Critical
CVE-2022-36514
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function WanModeSetMultiWan.
Critical
CVE-2022-36513
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist.
Critical
CVE-2022-36511
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditApAdvanceInfo.
High
CVE-2022-36508
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPInfoById.
High
CVE-2022-36507
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function AddWlanMacList.
High
CVE-2022-36506
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMacAccessMode.
High
CVE-2022-36505
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EDitusergroup.
High
CVE-2022-36504
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID.
High
CVE-2022-36503
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateMacClone.
High
CVE-2022-36502
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateWanParams.
High
CVE-2022-36501
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateSnat.
High
CVE-2022-36500
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditWlanMacList.
High
CVE-2022-36499
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function DEleteusergroup.
High
CVE-2022-36498
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.
High
CVE-2022-36497
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G.
High
CVE-2022-36496
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMobileAPInfoById.
High
CVE-2022-36495
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function addactionlist.
High
CVE-2022-36494
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function edditactionlist.
High
CVE-2022-36493
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById.
High
CVE-2022-36492
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function AddMacList.
High
CVE-2022-36491
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateIpv6Params.
High
CVE-2022-36490
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditMacList.
High
CVE-2022-36489
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EnableIpv6.
High
CVE-2022-36488
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.
High
CVE-2022-36484
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg.
High
CVE-2022-36483
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the pppoeUser parameter.
High
CVE-2022-36480
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.
High
CVE-2022-36478
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID.
High
CVE-2022-36477
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddWlanMacList.
High
CVE-2022-36475
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddMacList.
High
CVE-2022-36474
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function WlanWpsSet.
High
CVE-2022-36473
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G.
High
CVE-2022-36472
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMobileAPInfoById.
High
CVE-2022-36471
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMacAccessMode.
High
CVE-2022-36470
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAP5GWifiById.
High
CVE-2022-36469
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById.
High
CVE-2022-36468
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.
High
CVE-2022-36467
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function EditMacList.d.
High
CVE-2022-36466
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.
High
CVE-2022-36465
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.
High
CVE-2022-36464
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.
High
CVE-2022-36463
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.
High
CVE-2022-36462
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.
2022-08-24
High
CVE-2022-25903
The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow e…
2022-08-22
Critical
CVE-2022-37134
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be stored in v94, which do…
2022-08-16
High
CVE-2022-38227
XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp.
Medium
CVE-2022-35111
SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer::StackDepotNode::hash(__sanitizer::StackTrace const&) at /sanitizer_common/sanitizer_stackdepot.cpp.
Medium
CVE-2022-35107
SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common/vfprintf.c.
Medium
CVE-2022-35008
PNGDec commit 8abf6be was discovered to contain a stack overflow via /linux/main.cpp.
2022-08-12
High
CVE-2022-35561
A stack overflow vulnerability exists in /goform/WifiMacFilterSet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
High
CVE-2022-35560
A stack overflow vulnerability exists in /goform/wifiSSIDset in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
Critical
CVE-2022-35559
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An at…
High
CVE-2022-35558
A stack overflow vulnerability exists in /goform/WifiMacFilterGet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
High
CVE-2022-35557
A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
2022-08-11
Medium
CVE-2022-20382
In (TBD) of (TBD), there is a possible out of bounds write due to kernel stack overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is…
2022-08-03
High
CVE-2022-35506
TripleCross v0.1.0 was discovered to contain a stack overflow which occurs because there is no limit to the length of program parameters.
High
CVE-2022-34927
MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. This vulnerability is triggered when the program is supplied a crafted XM module file.
2022-07-29
High
CVE-2022-34528
D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue.
Medium
CVE-2022-34526
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffs…
2022-07-20
Critical
CVE-2022-34610
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app.
Critical
CVE-2022-34609
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp.
Critical
CVE-2022-34608
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget.
Critical
CVE-2022-34607
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp.
Critical
CVE-2022-34606
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp.
Critical
CVE-2022-34605
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp.
Critical
CVE-2022-34604
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /dotrace.asp.
Critical
CVE-2022-34603
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm.
Critical
CVE-2022-34602
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm.
Critical
CVE-2022-34601
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm.
Critical
CVE-2022-34600
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm.
Critical
CVE-2022-34599
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm.
2022-07-15
High
CVE-2022-32434
EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d.
2022-07-06
Critical
CVE-2022-32385
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
Critical
CVE-2022-32383
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
2022-07-01
High
CVE-2022-32384
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.
High
CVE-2022-32053
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c.
High
CVE-2022-32052
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4.
High
CVE-2022-32051
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4.
High
CVE-2022-32050
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40.
High
CVE-2022-32049
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540.
High
CVE-2022-32048
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88.
High
CVE-2022-32047
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4.
High
CVE-2022-32046
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c.
High
CVE-2022-32045
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4.
High
CVE-2022-32044
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80.
High
CVE-2022-32043
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAccessCodeInfo.
High
CVE-2022-32041
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formGetPassengerAnalyseData.
High
CVE-2022-32040
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetCfm.
High
CVE-2022-32039
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient.
High
CVE-2022-32037
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg.
High
CVE-2022-32036
Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb.
High
CVE-2022-32035
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng.
High
CVE-2022-32034
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist.
High
CVE-2022-32033
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
Critical
CVE-2022-32032
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.
High
CVE-2022-32031
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.
High
CVE-2022-32030
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand.
2022-06-30
High
CVE-2022-33087
A stack overflow in the function DM_ In fillobjbystr() of TP-Link Archer C50&A5(US)_V5_200407 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
2022-06-28
High
CVE-2022-33108
XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files.
2022-06-27
Medium
CVE-2022-31099
rulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an exp…
High
CVE-2022-33007
TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03 were discovered to contain a stack overflow via the function genacgi_main.
2022-06-23
High
CVE-2022-33034
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.
2022-06-09
High
CVE-2022-31019
Vapor is a server-side Swift HTTP web framework. When using automatic content decoding an attacker can craft a request body that can make the server crash with the following request: `curl -d "array[…