Common Weakness Enumeration

CWE-121

Allowed

Stack-based Buffer Overflow

Abstraction: Variant · Status: Draft

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

5212 vulnerabilities reference this CWE, most recent first.

CVE-2025-4480 (GCVE-0-2025-4480)

Vulnerability from cvelistv5 – Published: 2025-05-09 16:31 – Updated: 2025-05-09 19:53
VLAI
Title
code-projects Simple College Management System Add New Student input stack-based overflow
Summary
A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://vuldb.com/?id.308194 vdb-entrytechnical-description
https://vuldb.com/?ctiid.308194 signaturepermissions-required
https://vuldb.com/?submit.566525 third-party-advisory
https://github.com/zzzxc643/cve/blob/main/SIMPLE_… exploit
https://code-projects.org/ product
Impacted products
Credits
zzzxc (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4480",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-09T19:53:05.406241Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-09T19:53:49.879Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Add New Student"
          ],
          "product": "Simple College Management System",
          "vendor": "code-projects",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "zzzxc (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "In code-projects Simple College Management System 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Hierbei betrifft es die Funktion input der Komponente Add New Student. Durch das Manipulieren des Arguments name/branch mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-09T16:31:04.879Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-308194 | code-projects Simple College Management System Add New Student input stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.308194"
        },
        {
          "name": "VDB-308194 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.308194"
        },
        {
          "name": "Submit #566525 | Multiple Buffer Overflow Vulnerabilities in SIMPLE COLLEGE MANAGEMENT SYSTEM v1.0 Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.566525"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/zzzxc643/cve/blob/main/SIMPLE_COLLEGE_MANAGEMENT_SYSTEM.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://code-projects.org/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-09T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-05-09T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-05-09T13:45:39.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "code-projects Simple College Management System Add New Student input stack-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-4480",
    "datePublished": "2025-05-09T16:31:04.879Z",
    "dateReserved": "2025-05-09T11:40:36.479Z",
    "dateUpdated": "2025-05-09T19:53:49.879Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4472 (GCVE-0-2025-4472)

Vulnerability from cvelistv5 – Published: 2025-05-09 08:00 – Updated: 2025-05-09 15:36
VLAI
Title
code-projects Departmental Store Management System bill stack-based overflow
Summary
A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://vuldb.com/?id.308094 vdb-entrytechnical-description
https://vuldb.com/?ctiid.308094 signaturepermissions-required
https://vuldb.com/?submit.566516 third-party-advisory
https://github.com/zzzxc643/cve/blob/main/Departm… exploit
https://code-projects.org/ product
Impacted products
Credits
zzzxc (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4472",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-09T15:20:39.805036Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-09T15:36:06.113Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Departmental Store Management System",
          "vendor": "code-projects",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "zzzxc (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Es wurde eine kritische Schwachstelle in code-projects Departmental Store Management System 1.0 ausgemacht. Betroffen hiervon ist die Funktion bill. Mittels Manipulieren des Arguments Item Code mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-09T08:00:05.635Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-308094 | code-projects Departmental Store Management System bill stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.308094"
        },
        {
          "name": "VDB-308094 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.308094"
        },
        {
          "name": "Submit #566516 | Department Store Management System stack overflow in bill function  v1.0 Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.566516"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/zzzxc643/cve/blob/main/Department_Store_Management_System.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://code-projects.org/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-08T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-05-08T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-05-08T21:27:57.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "code-projects Departmental Store Management System bill stack-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-4472",
    "datePublished": "2025-05-09T08:00:05.635Z",
    "dateReserved": "2025-05-08T19:22:50.269Z",
    "dateUpdated": "2025-05-09T15:36:06.113Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4471 (GCVE-0-2025-4471)

Vulnerability from cvelistv5 – Published: 2025-05-09 07:31 – Updated: 2025-05-10 07:45
VLAI
Title
code-projects Jewelery Store Management system Search Item View stack-based overflow
Summary
A vulnerability, which was classified as critical, has been found in code-projects Jewelery Store Management system 1.0. Affected by this issue is some unknown functionality of the component Search Item View. The manipulation of the argument str2 leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://vuldb.com/?id.308090 vdb-entrytechnical-description
https://vuldb.com/?ctiid.308090 signaturepermissions-required
https://vuldb.com/?submit.566273 third-party-advisory
https://github.com/BinX-Lab/Store_buffer_overflow exploit
https://code-projects.org/ product
Impacted products
Credits
Jhhang (VulDB User) Jhhang (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4471",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-09T15:40:34.854381Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-09T15:40:46.151Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Search Item View"
          ],
          "product": "Jewelery Store Management system",
          "vendor": "code-projects",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Jhhang (VulDB User)"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "Jhhang (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability, which was classified as critical, has been found in code-projects Jewelery Store Management system 1.0. Affected by this issue is some unknown functionality of the component Search Item View. The manipulation of the argument str2 leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Eine kritische Schwachstelle wurde in code-projects Jewelery Store Management system 1.0 entdeckt. Davon betroffen ist unbekannter Code der Komponente Search Item View. Mit der Manipulation des Arguments str2 mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-10T07:45:20.475Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-308090 | code-projects Jewelery Store Management system Search Item View stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.308090"
        },
        {
          "name": "VDB-308090 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.308090"
        },
        {
          "name": "Submit #566273 | code-projects Jewelery Store Management system 0/1 Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.566273"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/BinX-Lab/Store_buffer_overflow"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://code-projects.org/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-08T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-05-08T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-05-10T09:50:10.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "code-projects Jewelery Store Management system Search Item View stack-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-4471",
    "datePublished": "2025-05-09T07:31:04.165Z",
    "dateReserved": "2025-05-08T19:18:17.587Z",
    "dateUpdated": "2025-05-10T07:45:20.475Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4447 (GCVE-0-2025-4447)

Vulnerability from cvelistv5 – Published: 2025-05-09 20:40 – Updated: 2025-05-10 01:46
VLAI
Title
Buffer Overflow in Eclipse OpenJ9
Summary
In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
Impacted products
Vendor Product Version
Eclipse Foundation OpenJ9 Affected: 0.8.0 , ≤ 0.49.0 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4447",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-10T01:46:36.961205Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-10T01:46:54.369Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenJ9",
          "vendor": "Eclipse Foundation",
          "versions": [
            {
              "lessThanOrEqual": "0.49.0",
              "status": "affected",
              "version": "0.8.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.\u003cbr\u003e"
            }
          ],
          "value": "In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-09T20:40:25.953Z",
        "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "shortName": "eclipse"
      },
      "references": [
        {
          "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/61"
        },
        {
          "url": "https://github.com/eclipse-openj9/openj9/pull/21762"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Buffer Overflow in Eclipse OpenJ9",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
    "assignerShortName": "eclipse",
    "cveId": "CVE-2025-4447",
    "datePublished": "2025-05-09T20:40:25.953Z",
    "dateReserved": "2025-05-08T18:35:35.538Z",
    "dateUpdated": "2025-05-10T01:46:54.369Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4425 (GCVE-0-2025-4425)

Vulnerability from cvelistv5 – Published: 2025-07-30 00:45 – Updated: 2025-08-14 05:56
VLAI
Title
SetupAutomationSmm: Stack overflow vulnerability in SMI handler
Summary
The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability.  https://support.lenovo.com/us/en/product_security/home
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
Impacted products
Vendor Product Version
Insyde Software InsydeH2O Affected: Feature developed for Lenovo , < L05.05.40.011803.172079 (custom)
Create a notification for this product.
Date Public
2025-07-30 00:25
Credits
BINARLY REsearch team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4425",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T13:59:54.430045Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T14:00:56.269Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "InsydeH2O",
          "vendor": "Insyde Software",
          "versions": [
            {
              "lessThan": "L05.05.40.011803.172079",
              "status": "affected",
              "version": "Feature developed for Lenovo",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "BINARLY REsearch team"
        }
      ],
      "datePublic": "2025-07-30T00:25:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/home\"\u003ehttps://support.lenovo.com/us/en/product_security/home\u003c/a\u003e"
            }
          ],
          "value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u00a0 https://support.lenovo.com/us/en/product_security/home"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T05:56:26.016Z",
        "orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
        "shortName": "Insyde"
      },
      "references": [
        {
          "url": "https://www.insyde.com/security-pledge/sa-2025007/"
        },
        {
          "url": "https://support.lenovo.com/us/en/product_security/home"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "SetupAutomationSmm: Stack overflow vulnerability in SMI handler",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
    "assignerShortName": "Insyde",
    "cveId": "CVE-2025-4425",
    "datePublished": "2025-07-30T00:45:32.592Z",
    "dateReserved": "2025-05-08T03:45:00.211Z",
    "dateUpdated": "2025-08-14T05:56:26.016Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4356 (GCVE-0-2025-4356)

Vulnerability from cvelistv5 – Published: 2025-05-06 13:00 – Updated: 2025-05-06 13:35
VLAI
Title
Tenda DAP-1520 Authentication storage mod_graph_auth_uri_handler stack-based overflow
Summary
A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been declared as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://vuldb.com/?id.307474 vdb-entrytechnical-description
https://vuldb.com/?ctiid.307474 signaturepermissions-required
https://vuldb.com/?submit.564722 third-party-advisory
https://github.com/Ghostsuzhijian/Iot-/blob/main/… exploit
https://www.tenda.com.cn/ product
Impacted products
Vendor Product Version
Tenda DAP-1520 Affected: 1.10B04_BETA02
Create a notification for this product.
Credits
duojie_0x00 (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4356",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-06T13:34:31.985481Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-06T13:35:05.883Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Authentication Handler"
          ],
          "product": "DAP-1520",
          "vendor": "Tenda",
          "versions": [
            {
              "status": "affected",
              "version": "1.10B04_BETA02"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "duojie_0x00 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been declared as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "In Tenda DAP-1520 1.10B04_BETA02 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Hierbei betrifft es die Funktion mod_graph_auth_uri_handler der Datei /storage der Komponente Authentication Handler. Mit der Manipulation mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 9,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-06T13:00:09.716Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-307474 | Tenda DAP-1520 Authentication storage mod_graph_auth_uri_handler stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.307474"
        },
        {
          "name": "VDB-307474 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.307474"
        },
        {
          "name": "Submit #564722 | Tenda DAP-1520 1.10B04_BETA02 stack-based Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.564722"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/Ghostsuzhijian/Iot-/blob/main/dap1520_mod_graph_auth_uri_handler/dap1520_mod_graph_auth_uri_handler.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.tenda.com.cn/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-05T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-05-05T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-05-05T19:14:14.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Tenda DAP-1520 Authentication storage mod_graph_auth_uri_handler stack-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-4356",
    "datePublished": "2025-05-06T13:00:09.716Z",
    "dateReserved": "2025-05-05T17:09:07.425Z",
    "dateUpdated": "2025-05-06T13:35:05.883Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4354 (GCVE-0-2025-4354)

Vulnerability from cvelistv5 – Published: 2025-05-06 12:31 – Updated: 2025-05-06 13:17
VLAI
Title
Tenda DAP-1520 storage check_dws_cookie stack-based overflow
Summary
A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://vuldb.com/?id.307472 vdb-entrytechnical-description
https://vuldb.com/?ctiid.307472 signaturepermissions-required
https://vuldb.com/?submit.564719 third-party-advisory
https://github.com/Ghostsuzhijian/Iot-/blob/main/… exploit
https://www.tenda.com.cn/ product
Impacted products
Vendor Product Version
Tenda DAP-1520 Affected: 1.10B04_BETA02
Create a notification for this product.
Credits
duojie_0x00 (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4354",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-06T13:16:49.323490Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-06T13:17:16.484Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DAP-1520",
          "vendor": "Tenda",
          "versions": [
            {
              "status": "affected",
              "version": "1.10B04_BETA02"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "duojie_0x00 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in Tenda DAP-1520 1.10B04_BETA02 gefunden. Sie wurde als kritisch eingestuft. Dies betrifft die Funktion check_dws_cookie der Datei /storage. Dank der Manipulation mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 9,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-06T12:31:05.656Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-307472 | Tenda DAP-1520 storage check_dws_cookie stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.307472"
        },
        {
          "name": "VDB-307472 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.307472"
        },
        {
          "name": "Submit #564719 | Tenda DAP-1520 1.10B04_BETA02 Stack-based Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.564719"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/Ghostsuzhijian/Iot-/blob/main/DAP-1520_replace_special_char/DAP-1520_replace_special_char.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.tenda.com.cn/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-05T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-05-05T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-05-05T19:13:58.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Tenda DAP-1520 storage check_dws_cookie stack-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-4354",
    "datePublished": "2025-05-06T12:31:05.656Z",
    "dateReserved": "2025-05-05T17:08:49.996Z",
    "dateUpdated": "2025-05-06T13:17:16.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4077 (GCVE-0-2025-4077)

Vulnerability from cvelistv5 – Published: 2025-04-29 18:00 – Updated: 2025-04-29 18:23
VLAI
Title
code-projects School Billing System searchrec stack-based overflow
Summary
A vulnerability classified as critical was found in code-projects School Billing System 1.0. This vulnerability affects the function searchrec. The manipulation of the argument Name leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://vuldb.com/?id.306514 vdb-entrytechnical-description
https://vuldb.com/?ctiid.306514 signaturepermissions-required
https://vuldb.com/?submit.560534 third-party-advisory
https://github.com/zzzxc643/cve/blob/main/SCHOOL_… exploit
https://code-projects.org/ product
Impacted products
Credits
zzzxc (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4077",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-29T18:21:06.914355Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-29T18:23:14.738Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "School Billing System",
          "vendor": "code-projects",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "zzzxc (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability classified as critical was found in code-projects School Billing System 1.0. This vulnerability affects the function searchrec. The manipulation of the argument Name leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "In code-projects School Billing System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Hierbei betrifft es die Funktion searchrec. Durch Beeinflussen des Arguments Name mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-29T18:00:08.696Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-306514 | code-projects School Billing System searchrec stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.306514"
        },
        {
          "name": "VDB-306514 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.306514"
        },
        {
          "name": "Submit #560534 | SCHOOL_BILLING_SYSTEM stack overflow in searchrec function  v1.0 Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.560534"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/zzzxc643/cve/blob/main/SCHOOL_BILLING_SYSTEM.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://code-projects.org/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-29T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-04-29T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-04-29T07:54:02.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "code-projects School Billing System searchrec stack-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-4077",
    "datePublished": "2025-04-29T18:00:08.696Z",
    "dateReserved": "2025-04-29T05:48:59.007Z",
    "dateUpdated": "2025-04-29T18:23:14.738Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4069 (GCVE-0-2025-4069)

Vulnerability from cvelistv5 – Published: 2025-04-29 15:31 – Updated: 2025-04-29 17:48
VLAI
Title
code-projects Product Management System add_item stack-based overflow
Summary
A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://vuldb.com/?id.306506 vdb-entrytechnical-description
https://vuldb.com/?ctiid.306506 signaturepermissions-required
https://vuldb.com/?submit.559516 third-party-advisory
https://github.com/zzzxc643/cve/blob/main/PRODUCT… exploit
https://code-projects.org/ product
Impacted products
Credits
zzzxc (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4069",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-29T17:48:39.129140Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-29T17:48:56.628Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/zzzxc643/cve/blob/main/PRODUCT_MANAGEMENT_SYSTEM.md"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Product Management System",
          "vendor": "code-projects",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "zzzxc (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Eine kritische Schwachstelle wurde in code-projects Product Management System 1.0 entdeckt. Es geht hierbei um die Funktion add_item. Mit der Manipulation des Arguments st.productname mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-29T15:31:06.405Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-306506 | code-projects Product Management System add_item stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.306506"
        },
        {
          "name": "VDB-306506 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.306506"
        },
        {
          "name": "Submit #559516 | PRODUCT_MANAGEMENT_SYSTEM stack overflow in add_item function  v1.0 Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.559516"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/zzzxc643/cve/blob/main/PRODUCT_MANAGEMENT_SYSTEM.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://code-projects.org/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-29T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-04-29T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-04-29T07:35:03.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "code-projects Product Management System add_item stack-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-4069",
    "datePublished": "2025-04-29T15:31:06.405Z",
    "dateReserved": "2025-04-29T05:29:59.628Z",
    "dateUpdated": "2025-04-29T17:48:56.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4068 (GCVE-0-2025-4068)

Vulnerability from cvelistv5 – Published: 2025-04-29 15:31 – Updated: 2025-04-29 15:57
VLAI
Title
code-projects Simple Movie Ticket Booking System changeprize stack-based overflow
Summary
A vulnerability classified as critical was found in code-projects Simple Movie Ticket Booking System 1.0. Affected by this vulnerability is the function changeprize. The manipulation of the argument prize leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://vuldb.com/?id.306505 vdb-entrytechnical-description
https://vuldb.com/?ctiid.306505 signaturepermissions-required
https://vuldb.com/?submit.559479 third-party-advisory
https://github.com/zzzxc643/cve/blob/main/MOVIE_T… exploit
https://code-projects.org/ product
Impacted products
Credits
zzzxc (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4068",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-29T15:53:56.800302Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-29T15:57:26.952Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Simple Movie Ticket Booking System",
          "vendor": "code-projects",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "zzzxc (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability classified as critical was found in code-projects Simple Movie Ticket Booking System 1.0. Affected by this vulnerability is the function changeprize. The manipulation of the argument prize leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "In code-projects Simple Movie Ticket Booking System 1.0 wurde eine kritische Schwachstelle entdeckt. Es geht um die Funktion changeprize. Dank Manipulation des Arguments prize mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-29T15:31:04.352Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-306505 | code-projects Simple Movie Ticket Booking System changeprize stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.306505"
        },
        {
          "name": "VDB-306505 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.306505"
        },
        {
          "name": "Submit #559479 | MOVIE TICKET BOOKING SYSTEM stack overflow in insert_details function  v1.0 Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.559479"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/zzzxc643/cve/blob/main/MOVIE_TICKET_BOOKING_SYSTEM.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://code-projects.org/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-29T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-04-29T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-04-29T07:25:49.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "code-projects Simple Movie Ticket Booking System changeprize stack-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-4068",
    "datePublished": "2025-04-29T15:31:04.352Z",
    "dateReserved": "2025-04-29T05:20:45.606Z",
    "dateUpdated": "2025-04-29T15:57:26.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-10
Operation Build and Compilation

Strategy: Environment Hardening

  • Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
  • D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Implementation

Implement and perform bounds checking on input.

Mitigation
Implementation

Do not use dangerous functions such as gets. Use safer, equivalent functions which check for boundary errors.

Mitigation MIT-11
Operation Build and Compilation

Strategy: Environment Hardening

  • Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
  • Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
  • For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].

No CAPEC attack patterns related to this CWE.