Common Weakness Enumeration

CWE-121

Allowed

Stack-based Buffer Overflow

Abstraction: Variant · Status: Draft

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

5215 vulnerabilities reference this CWE, most recent first.

GHSA-F6HV-C34J-XJPH

Vulnerability from github – Published: 2025-08-14 18:31 – Updated: 2025-08-15 18:31
VLAI
Details

An issue was discovered in Malwarebytes 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). A Stack buffer out-of-bounds access exists because of an integer underflow when handling newline characters.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-43683"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-14T17:15:33Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Malwarebytes 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). A Stack buffer out-of-bounds access exists because of an integer underflow when handling newline characters.",
  "id": "GHSA-f6hv-c34j-xjph",
  "modified": "2025-08-15T18:31:11Z",
  "published": "2025-08-14T18:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43683"
    },
    {
      "type": "WEB",
      "url": "https://www.malwarebytes.com/secure/cves/cve-2023-43683"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F6V5-HJXR-P24J

Vulnerability from github – Published: 2024-07-08 12:31 – Updated: 2024-07-11 15:30
VLAI
Details

The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27459"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-08T11:15:10Z",
    "severity": "HIGH"
  },
  "details": "The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges.",
  "id": "GHSA-f6v5-hjxr-p24j",
  "modified": "2024-07-11T15:30:44Z",
  "published": "2024-07-08T12:31:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27459"
    },
    {
      "type": "WEB",
      "url": "https://community.openvpn.net/openvpn/wiki/CVE-2024-27459"
    },
    {
      "type": "WEB",
      "url": "https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974"
    },
    {
      "type": "WEB",
      "url": "https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F755-P72C-MHGQ

Vulnerability from github – Published: 2024-04-24 15:30 – Updated: 2024-04-24 15:30
VLAI
Details

A vulnerability classified as critical was found in Tenda TX9 22.03.02.10. This vulnerability affects the function sub_42D4DC of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261856. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-4113"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-24T15:15:48Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability classified as critical was found in Tenda TX9 22.03.02.10. This vulnerability affects the function sub_42D4DC of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261856. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-f755-p72c-mhgq",
  "modified": "2024-04-24T15:30:36Z",
  "published": "2024-04-24T15:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4113"
    },
    {
      "type": "WEB",
      "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/TX9/fromSetSysTime.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.261856"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.261856"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.317217"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F7GP-8JP4-WWJ5

Vulnerability from github – Published: 2024-05-14 18:30 – Updated: 2024-07-03 18:41
VLAI
Details

Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-34946"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-14T15:39:38Z",
    "severity": "MODERATE"
  },
  "details": "Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.",
  "id": "GHSA-f7gp-8jp4-wwj5",
  "modified": "2024-07-03T18:41:08Z",
  "published": "2024-05-14T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34946"
    },
    {
      "type": "WEB",
      "url": "https://palm-vertebra-fe9.notion.site/fromDhcpListClient_page-c9ee71f670534555a5ef2d99320da48e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F7Q5-J64X-4X4P

Vulnerability from github – Published: 2025-11-13 12:31 – Updated: 2025-11-13 12:31
VLAI
Details

Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-7704"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-13T10:15:54Z",
    "severity": "MODERATE"
  },
  "details": "Supermicro BMC  Insyde SMASH shell program has a stacked-based overflow vulnerability",
  "id": "GHSA-f7q5-j64x-4x4p",
  "modified": "2025-11-13T12:31:42Z",
  "published": "2025-11-13T12:31:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7704"
    },
    {
      "type": "WEB",
      "url": "https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2025"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F854-G8C6-MQ5Q

Vulnerability from github – Published: 2024-11-22 21:32 – Updated: 2024-11-22 21:32
VLAI
Details

Trimble SketchUp Viewer SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24110.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9726"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-22T21:15:25Z",
    "severity": "HIGH"
  },
  "details": "Trimble SketchUp Viewer SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24110.",
  "id": "GHSA-f854-g8c6-mq5q",
  "modified": "2024-11-22T21:32:20Z",
  "published": "2024-11-22T21:32:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9726"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1475"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F869-2W7M-Q4P9

Vulnerability from github – Published: 2026-01-23 18:31 – Updated: 2026-01-23 18:31
VLAI
Details

dataSIMS Avionics ARINC 664-1 version 4.5.3 contains a local buffer overflow vulnerability that allows attackers to overwrite memory by manipulating the milstd1553result.txt file. Attackers can craft a malicious file with carefully constructed payload and alignment sections to potentially execute arbitrary code on the Windows system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47881"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-23T17:15:51Z",
    "severity": "MODERATE"
  },
  "details": "dataSIMS Avionics ARINC 664-1 version 4.5.3 contains a local buffer overflow vulnerability that allows attackers to overwrite memory by manipulating the milstd1553result.txt file. Attackers can craft a malicious file with carefully constructed payload and alignment sections to potentially execute arbitrary code on the Windows system.",
  "id": "GHSA-f869-2w7m-q4p9",
  "modified": "2026-01-23T18:31:29Z",
  "published": "2026-01-23T18:31:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47881"
    },
    {
      "type": "WEB",
      "url": "https://www.ddc-web.com"
    },
    {
      "type": "WEB",
      "url": "https://www.ddc-web.com/en/connectivity/databus/milstd1553-1/software-1/bu-69414?partNumber=BU-69414"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/49577"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/datasims-avionics-arinc-local-buffer-overflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-F8CC-G7J8-XXPM

Vulnerability from github – Published: 2022-12-30 16:58 – Updated: 2022-12-30 16:58
VLAI
Summary
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
Details

Impact

The vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream.

Patches

XStream 1.4.20 handles the stack overflow and raises an InputManipulationException instead.

Workarounds

The only solution is to catch the StackOverflowError in the client code calling XStream.

References

See full information about the nature of the vulnerability and the steps to reproduce it in XStream's documentation for CVE-2022-40151.

Credits

The vulnerability was discovered and reported by Henry Lin of the Google OSS-Fuzz team.

For more information

If you have any questions or comments about this advisory: * Open an issue in XStream * Contact us at XStream Google Group

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.thoughtworks.xstream:xstream"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.20"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-40151"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121",
      "CWE-502",
      "CWE-787"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-30T16:58:39Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Impact\nThe vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream.\n\n### Patches\nXStream 1.4.20 handles the stack overflow and raises an InputManipulationException instead.\n\n### Workarounds\nThe only solution is to catch the StackOverflowError in the client code calling XStream.\n\n### References\nSee full information about the nature of the vulnerability and the steps to reproduce it in XStream\u0027s documentation for [CVE-2022-40151](https://x-stream.github.io/CVE-2022-40151.html).\n\n### Credits\nThe vulnerability was discovered and reported by Henry Lin of the Google OSS-Fuzz team.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [XStream](https://github.com/x-stream/xstream/issues)\n* Contact us at [XStream Google Group](https://groups.google.com/group/xstream-user)\n",
  "id": "GHSA-f8cc-g7j8-xxpm",
  "modified": "2022-12-30T16:58:39Z",
  "published": "2022-12-30T16:58:39Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-f8cc-g7j8-xxpm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151"
    },
    {
      "type": "WEB",
      "url": "https://github.com/x-stream/xstream/issues/304"
    },
    {
      "type": "WEB",
      "url": "https://github.com/x-stream/xstream/issues/314"
    },
    {
      "type": "WEB",
      "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47367"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/x-stream/xstream"
    },
    {
      "type": "WEB",
      "url": "https://x-stream.github.io/CVE-2022-40151.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow"
}

GHSA-F8FG-9V3C-G666

Vulnerability from github – Published: 2024-03-28 15:30 – Updated: 2024-08-01 15:31
VLAI
Details

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the mitInterface parameter of the fromAddressNat function.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-30583"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-28T14:15:14Z",
    "severity": "HIGH"
  },
  "details": "Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the mitInterface parameter of the fromAddressNat function.",
  "id": "GHSA-f8fg-9v3c-g666",
  "modified": "2024-08-01T15:31:34Z",
  "published": "2024-03-28T15:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30583"
    },
    {
      "type": "WEB",
      "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/fromAddressNat_mitInterface.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F8Q2-J8XF-7XHH

Vulnerability from github – Published: 2024-04-27 21:30 – Updated: 2024-04-27 21:30
VLAI
Details

A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as critical. This issue affects the function formAddMacfilterRule of the file /goform/setBlackRule. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-262223. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-4291"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-27T20:15:07Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as critical. This issue affects the function formAddMacfilterRule of the file /goform/setBlackRule. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-262223. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-f8q2-j8xf-7xhh",
  "modified": "2024-04-27T21:30:30Z",
  "published": "2024-04-27T21:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4291"
    },
    {
      "type": "WEB",
      "url": "https://github.com/L1ziang/Vulnerability/blob/main/formAddMacfilterRule.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.262223"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.262223"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.320672"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-10
Operation Build and Compilation

Strategy: Environment Hardening

  • Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
  • D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Implementation

Implement and perform bounds checking on input.

Mitigation
Implementation

Do not use dangerous functions such as gets. Use safer, equivalent functions which check for boundary errors.

Mitigation MIT-11
Operation Build and Compilation

Strategy: Environment Hardening

  • Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
  • Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
  • For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].

No CAPEC attack patterns related to this CWE.