Total
2769 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25391 | 1 Rt-thread | 1 Rt-thread | 2025-04-16 | 8.4 High |
| A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2. | ||||
| CVE-2024-25393 | 1 Rt-thread | 1 Rt-thread | 2025-04-16 | 9.8 Critical |
| A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2. | ||||
| CVE-2021-23138 | 1 We-con | 1 Levistudiou | 2025-04-16 | 7.8 High |
| WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. | ||||
| CVE-2022-21137 | 1 Omron | 1 Cx-one | 2025-04-16 | 7.8 High |
| Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2022-25170 | 1 Fatek | 1 Fvdesigner | 2025-04-16 | 7.8 High |
| The affected product is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code | ||||
| CVE-2022-26419 | 1 Omron | 1 Cx-position | 2025-04-16 | 7.8 High |
| Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code. | ||||
| CVE-2022-21228 | 1 Fujielectric | 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware | 2025-04-16 | 7.8 High |
| The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2022-1888 | 1 Fujielectric | 2 Alpha7 Pc Loader, Alpha7 Pc Loader Firmware | 2025-04-16 | 7.8 High |
| Alpha7 PC Loader (All versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2022-1405 | 1 Deltaww | 1 Cncsoft | 2025-04-16 | 7.8 High |
| CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition. | ||||
| CVE-2022-2895 | 1 Measuresoft | 1 Scadapro Server | 2025-04-16 | 7.8 High |
| Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file. | ||||
| CVE-2022-2896 | 1 Measuresoft | 1 Scadapro Server | 2025-04-16 | 7.8 High |
| Measuresoft ScadaPro Server (All Versions) allows use after free while processing a specific project file. | ||||
| CVE-2021-32976 | 1 Moxa | 8 Nport Iaw5150a-12i\/o, Nport Iaw5150a-12i\/o Firmware, Nport Iaw5150a-6i\/o and 5 more | 2025-04-16 | 9.8 Critical |
| Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code. | ||||
| CVE-2022-1068 | 1 Modbustools | 1 Modbus Slave | 2025-04-16 | 5.5 Medium |
| Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used. | ||||
| CVE-2021-38427 | 1 Rti | 2 Connext Professional, Connext Secure | 2025-04-16 | 6.6 Medium |
| RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code. | ||||
| CVE-2021-38433 | 1 Rti | 2 Connext Professional, Connext Secure | 2025-04-16 | 6.6 Medium |
| RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code. | ||||
| CVE-2020-16209 | 1 Fieldcommgroup | 3 Hart-ip Developer Kit, Hart-ip Developer Kit Firmware, Hipserver | 2025-04-16 | 9.8 Critical |
| A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0) by constructing messages with sufficiently large payloads to overflow the internal buffer and crash the device, or obtain control of the device. | ||||
| CVE-2021-32941 | 1 Annke | 2 N48pbb, N48pbb Firmware | 2025-04-16 | 9.4 Critical |
| Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root). | ||||
| CVE-2022-1669 | 1 Circutor | 2 Compact Dc-s Basic, Compact Dc-s Basic Firmware | 2025-04-16 | 6.8 Medium |
| A buffer overflow vulnerability has been detected in the firewall function of the device management web portal. The device runs a CGI binary (index.cgi) to offer a management web application. Once authenticated with valid credentials in this web portal, a potential attacker could submit any "Address" value and it would be copied to a second variable with a "strcpy" vulnerable function without checking its length. Because of this, it is possible to send a long address value to overflow the process stack, controlling the function return address. | ||||
| CVE-2022-2972 | 1 Mz-automation | 1 Libiec61850 | 2025-04-16 | 10 Critical |
| MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffer overflow, which could allow an attacker to crash the device or remotely execute arbitrary code. | ||||
| CVE-2022-2970 | 1 Mz-automation | 1 Libiec61850 | 2025-04-16 | 10 Critical |
| MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code. | ||||