CWE-121

High likelihood

Stack-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

3,424 vulnerabilities with CWE-121
CVE-2022-3409 HIGH
OpenBMC 2.10.0-2.12.9 - Denial of Service via Unclosed HTTP Headers in Multipart Parser
CVSS 8.2
CVE-2022-32454 CRITICAL
Abode Systems iota All-In-One Security Kit 6.9X and 6.9Z - Stack-based Buffer Overflow via XCMD setIPCam
CVSS 9.8
CVE-2022-23462 MEDIUM
iowow < 1.4.15 - Denial of Service via JSON Scientific Notation Parsing
CVSS 6.2
CVE-2022-42339 HIGH
Adobe Acrobat and Acrobat Reader < 22.003.20258 and < 20.005.30407 - Stack-based Buffer Overflow
CVSS 7.8
CVE-2022-38450 HIGH
Adobe Acrobat Reader <22.002.20212, 20.005.30381 - RCE
CVSS 7.8
CVE-2022-35710 CRITICAL
Adobe ColdFusion <Update 14 - Buffer Overflow
CVSS 9.8
CVE-2022-35690 CRITICAL
Adobe ColdFusion <Update 14 - Buffer Overflow
CVSS 9.8
CVE-2022-38672 MEDIUM
Face Detect Driver - Memory Corruption
CVSS 5.5
CVE-2022-32493 MEDIUM
Dell Alienware BIOS < 1.21.0 (Area-51m R1) - Authenticated Stack-Based Buffer Overflow via SMI
CVSS 6.0
CVE-2022-35299 CRITICAL
SAP SQL Anywhere 17.0 and SAP IQ 16.1 - Stack-based Buffer Overflow
CVSS 9.8
CVE-2022-36063 HIGH
eclipse/threadx_usbx < 6.1.11 - Integer Underflow and Buffer Overflow in _ux_host_class_cdc_ecm_mac_address_get
CVSS 7.6
CVE-2022-40160 MEDIUM
Apache Commons Jxpath < 1.3 - Out-of-Bounds Write
CVSS 6.5
CVE-2022-40159 MEDIUM
Apache Commons Jxpath < 1.3 - Out-of-Bounds Write
CVSS 6.5
CVE-2022-3324 HIGH
vim/vim <9.0.0598 - Buffer Overflow
CVSS 7.8
CVE-2022-23006 LOW
Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi Firmware < 8.10.0-117 - Stack-based Buffer Overflow
CVSS 1.8
CVE-2022-3296 HIGH
vim/vim <9.0.0577 - Buffer Overflow
CVSS 7.8
CVE-2022-2972 CRITICAL
libiec61850 < 1.5.0 - Stack-based Buffer Overflow
CVSS 10.0
CVE-2022-2970 CRITICAL
libiec61850 < 1.5.0 - Stack-based Buffer Overflow via Unsanitized Input to memcpy
CVSS 10.0
CVE-2022-2070 CRITICAL
Grandstream GSD3710 1.0.11.13 - Stack-based Buffer Overflow via sscanf Parameter Length Mismatch
CVSS 9.8
CVE-2022-2025 CRITICAL
Grandstream GSD3710 1.0.11.13 - Authenticated Stack-based Buffer Overflow via strcopy
CVSS 9.8
CVE-2022-40250 HIGH
Intel NUC M15 LAPBC510/LAPBC710 Firmware - SMM Privilege Escalation & Code Execution via SmmSmbiosElog
CVSS 8.8
CVE-2022-26873 HIGH
AMI Aptio V PlatformInitAdvancedPreMem - PEI Code Execution and SMRAM Injection
CVSS 8.2
CVE-2022-40152 MEDIUM
xstream/xstream < 1.4.20 - Denial of Service via Stack Overflow in XML Parsing
CVSS 6.5
CVE-2022-40151 MEDIUM
Xstream < 1.4.20 - Denial of Service via Stack Overflow in XML Parser
CVSS 6.5
CVE-2022-40149 MEDIUM
jettison < 1.4.0 - Denial of Service via Stack Overflow in XML/JSON Parser
CVSS 6.5
Details
Vulnerabilities 3,424
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits