Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-36778

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-09 Jun, 2026 | 00:00
Updated At-10 Jun, 2026 | 17:39
Rejected At-
Credits

Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the username parameter of the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:09 Jun, 2026 | 00:00
Updated At:10 Jun, 2026 | 17:39
Rejected At:
â–¼CVE Numbering Authority (CNA)

Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the username parameter of the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/xhh0124/SemVulLLM/tree/main/O3/R7WebsSecurityHandler
N/A
Hyperlink: https://github.com/xhh0124/SemVulLLM/tree/main/O3/R7WebsSecurityHandler
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121 Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121 Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.14.9MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 4.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 Jun, 2026 | 19:17
Updated At:10 Jun, 2026 | 18:16

Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the username parameter of the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.14.9MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 4.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-121Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-121
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/xhh0124/SemVulLLM/tree/main/O3/R7WebsSecurityHandlercve@mitre.org
N/A
Hyperlink: https://github.com/xhh0124/SemVulLLM/tree/main/O3/R7WebsSecurityHandler
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

18Records found
CVE-2024-52894
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.25% / 48.27%
||
7 Day CHG~0.00%
Published-29 Jul, 2025 | 19:00
Updated-17 Aug, 2025 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 for Linux, UNIX and Windows denial of service

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.

Action-Not Available
Vendor-IBM Corporation
Product-db2Db2
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-47909
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-4.9||MEDIUM
EPSS-1.62% / 82.22%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 16:02
Updated-19 Nov, 2024 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.

Action-Not Available
Vendor-Ivanti Software
Product-policy_secureconnect_securePolicy SecureConnect Secure
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-47905
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-4.9||MEDIUM
EPSS-1.62% / 82.22%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 15:56
Updated-18 Nov, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.

Action-Not Available
Vendor-Ivanti Software
Product-policy_secureconnect_securePolicy SecureConnect Secure
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-42444
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.23% / 46.36%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 20:38
Updated-25 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM App Connect Enterprise denial of service

IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow a buffer and cause the application to crash. IBM X-Force ID: 238538.

Action-Not Available
Vendor-IBM CorporationMicrosoft CorporationLinux Kernel Organization, Inc
Product-app_connect_enterpriseaixwindowslinux_kernelApp Connect Enterprise
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-3439
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.14% / 34.14%
||
7 Day CHG~0.00%
Published-04 Mar, 2026 | 09:19
Updated-05 Mar, 2026 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall.

Action-Not Available
Vendor-SonicWall Inc.
Product-nsa_5700tz480tz370nsa_4700nsa_3800nssp_10700tz570pnsa_2800tz670tz380nsv870tz570wtz280tz470nsa_6700tz370wsonicostz570tz470wnsa_4800nsa_3700nsa_5800nssp_11700nssp_15700tz680nssp_13700tz80tz270wtz270nsa_2700nsv470tz580nsv270SonicOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-25772
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.08% / 23.54%
||
7 Day CHG~0.00%
Published-17 Mar, 2026 | 18:11
Updated-19 Mar, 2026 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module (`wdb_delta_event.c`). The SQL query construction logic allows for an integer underflow when calculating the remaining buffer size. This occurs because the code incorrectly aggregates the return value of `snprintf`. If a specific database synchronization payload exceeds the size of the query buffer (2048 bytes), the size calculation wraps around to a massive integer, effectively removing bounds checking for subsequent writes. This allows an attacker to corrupt the stack, leading to a Denial of Service (DoS) or potentially RCE. Version 4.14.3 fixes the issue.

Action-Not Available
Vendor-Wazuh, Inc.
Product-wazuhwazuh
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2026-22319
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-4.9||MEDIUM
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-18 Mar, 2026 | 07:34
Updated-18 Mar, 2026 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-Based Buffer Overflow in File Install Parameter Handling

A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-FL SWITCH 2316 PNFL NAT 2304-2GC-2SFPFL SWITCH 2506-2SFP/K1FL SWITCH 2303-8SP1FL SWITCH 2708 PNFL SWITCH 2208 PNFL SWITCH 2206-2FXFL SWITCH 2207-FX SMFL SWITCH 2408 PNFL SWITCH 2708FL SWITCH 2414-2SFX PNFL NAT 2008FL SWITCH 2216 PNFL SWITCH 2008FFL NAT 2208FL SWITCH 2214-2SFXFL SWITCH 2508 PNFL SWITCH 2312-2GC-2SFPFL SWITCH 2608FL SWITCH 2308FL SWITCH 2204-2TC-2SFXFL SWITCH TSN 2316FL SWITCH 2206-2SFX PNFL SWITCH 2414-2SFXFL SWITCH 2516 PNFL SWITCH 5924-4GCFL SWITCH 2208FL SWITCH 2116FL SWITCH 2504-2GC-2SFPFL SWITCH 2408FL SWITCH 2608 PNFL SWITCH 2016FL SWITCH TSN 2312-2GC-2SFPFL SWITCH 5916-8GC-4SFP+FL SWITCH 2514-2SFPFL SWITCH 2316/K1FL SWITCH 2206C-2FXFL SWITCH 2008FL SWITCH 2206-2FX SMFL SWITCH TSN 2314-2SFPFL SWITCH 2306-2SFPFL SWITCH 2512-2GC-2SFPFL SWITCH 2314-2SFPFL SWITCH 2207-FXFL SWITCH 2406-2SFX PNFL SWITCH 2206-2SFXFL SWITCH 2416 PNFL SWITCH 2508FL SWITCH 2406-2SFXFL SWITCH 2308 PNFL SWITCH 2416FL SWITCH 2306-2SFP PNFL SWITCH 5924-4SFP+FL SWITCH 2205FL SWITCH 2216FL SWITCH 2412-2TC-2SFXFL SWITCH 2005FL SWITCH 2214-2FX SMFL SWITCH 2506-2SFP PNFL SWITCH 2108FL SWITCH 2304-2GC-2SFPFL SWITCH 2514-2SFP PNFL SWITCH 2206-2FX SM STFL SWITCH 2212-2TC-2SFXFL SWITCH 2516FL SWITCH 5916SFP-8GC-4SFP+FL SWITCH 2508/K1FL SWITCH 2506-2SFPFL SWITCH 5924SFP-4GCFL SWITCH 2314-2SFP PNFL SWITCH 2105FL SWITCH 2206-2FX STFL SWITCH 2214-2FXFL SWITCH 2208CFL SWITCH 2316FL SWITCH 2404-2TC-2SFXFL SWITCH 2214-2SFX PN
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-22318
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-4.9||MEDIUM
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-18 Mar, 2026 | 07:33
Updated-18 Mar, 2026 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-Based Buffer Overflow in File Transfer Parameter Handling

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-FL SWITCH 2316 PNFL NAT 2304-2GC-2SFPFL SWITCH 2506-2SFP/K1FL SWITCH 2303-8SP1FL SWITCH 2708 PNFL SWITCH 2208 PNFL SWITCH 2206-2FXFL SWITCH 2207-FX SMFL SWITCH 2408 PNFL SWITCH 2708FL SWITCH 2414-2SFX PNFL NAT 2008FL SWITCH 2216 PNFL SWITCH 2008FFL NAT 2208FL SWITCH 2214-2SFXFL SWITCH 2508 PNFL SWITCH 2312-2GC-2SFPFL SWITCH 2608FL SWITCH 2308FL SWITCH 2204-2TC-2SFXFL SWITCH TSN 2316FL SWITCH 2206-2SFX PNFL SWITCH 2414-2SFXFL SWITCH 2516 PNFL SWITCH 5924-4GCFL SWITCH 2208FL SWITCH 2116FL SWITCH 2504-2GC-2SFPFL SWITCH 2408FL SWITCH 2608 PNFL SWITCH 2016FL SWITCH TSN 2312-2GC-2SFPFL SWITCH 5916-8GC-4SFP+FL SWITCH 2514-2SFPFL SWITCH 2316/K1FL SWITCH 2206C-2FXFL SWITCH 2008FL SWITCH 2206-2FX SMFL SWITCH TSN 2314-2SFPFL SWITCH 2306-2SFPFL SWITCH 2512-2GC-2SFPFL SWITCH 2314-2SFPFL SWITCH 2207-FXFL SWITCH 2406-2SFX PNFL SWITCH 2206-2SFXFL SWITCH 2416 PNFL SWITCH 2508FL SWITCH 2406-2SFXFL SWITCH 2308 PNFL SWITCH 2416FL SWITCH 2306-2SFP PNFL SWITCH 5924-4SFP+FL SWITCH 2205FL SWITCH 2216FL SWITCH 2412-2TC-2SFXFL SWITCH 2005FL SWITCH 2214-2FX SMFL SWITCH 2506-2SFP PNFL SWITCH 2108FL SWITCH 2304-2GC-2SFPFL SWITCH 2514-2SFP PNFL SWITCH 2206-2FX SM STFL SWITCH 2212-2TC-2SFXFL SWITCH 2516FL SWITCH 5916SFP-8GC-4SFP+FL SWITCH 2508/K1FL SWITCH 2506-2SFPFL SWITCH 5924SFP-4GCFL SWITCH 2314-2SFP PNFL SWITCH 2105FL SWITCH 2206-2FX STFL SWITCH 2214-2FXFL SWITCH 2208CFL SWITCH 2316FL SWITCH 2404-2TC-2SFXFL SWITCH 2214-2SFX PN
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-11793
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.04% / 14.03%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 13:11
Updated-09 Jun, 2026 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
389-ds-base: 389-ds-base: stack buffer overflow in checkprefix() algorithm id parsing

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix() function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can crash the LDAP server by storing a crafted credential with an oversized algorithm ID. FORTIFY_SOURCE mitigates this to denial of service only.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Directory Server 13Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Red Hat Directory Server 11Red Hat Enterprise Linux 6Red Hat Enterprise Linux 10Red Hat Directory Server 12Red Hat Enterprise Linux 9
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-0206
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.21% / 43.04%
||
7 Day CHG~0.00%
Published-29 Apr, 2026 | 16:21
Updated-05 May, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.

Action-Not Available
Vendor-SonicWall Inc.
Product-soho_250tz370wtz280sonicosnsa_5650nsa_3600tz_350tz_300tz_400wtz80tz_600tz570wtz_500nsa_5700nssp_10700tz280wsm_9400nsv_470tz270wnsa_6700tz570ptz680nsv_270nssp_15700tz_300pnsa_2700nssp_13700tz380sm_9450sm_9650tz_600pnsa_4700nsv_870tz_500wnsa_2800tz_400tz570tz_350wsm_9250nsa_5600soho_250wnsa_3800nsa_3650tz480tz580tz380wnsa_5800tz470wnssp_11700tz670tz270nsa_2650sm_9600nsa_4650tz470nsa_3700nsa_4800nsa_6650tz370tz_300wnsa_4600sohownsa_6600sm_9200SonicOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-0399
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.08% / 22.78%
||
7 Day CHG~0.00%
Published-24 Feb, 2026 | 14:52
Updated-26 Feb, 2026 | 20:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint.

Action-Not Available
Vendor-SonicWall Inc.
Product-tz370tz480nssp_15700tz570tz270tz80nsa_4700tz470wnsa_2800nsa_3700tz670tz470nssp_13700nssp_10700nsa_5700nsa_2700nsv470tz570wnsa_4800tz680tz270wnsa_6700nsv870nsv270nsa_5800tz580tz280sonicostz570pnsa_3800tz380nssp_11700tz370wSonicOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-5451
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-4.9||MEDIUM
EPSS-0.98% / 77.14%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 15:02
Updated-15 Jul, 2025 | 13:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service.

Action-Not Available
Vendor-Ivanti Software
Product-policy_secureconnect_securePolicy SecureConnect Secure
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-53296
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-2.7||LOW
EPSS-0.21% / 43.95%
||
7 Day CHG~0.00%
Published-01 Feb, 2025 | 03:56
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect DD
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-29012
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-4.9||MEDIUM
EPSS-2.25% / 84.93%
||
7 Day CHG~0.00%
Published-20 Jun, 2024 | 08:11
Updated-25 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.

Action-Not Available
Vendor-SonicWall Inc.
Product-tz670nssp_11700nssp_10700tz270nsa_2700nsv_470tz470nsa_6700tz270wtz570ptz570nsv_270sonicosnssp_13700tz370tz470wnsa_3700tz370wnsa_5700nsa_4700nsv_870tz570wSonicOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-21054
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.10% / 27.11%
||
7 Day CHG~0.00%
Published-16 Apr, 2024 | 21:26
Updated-13 Feb, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-MySQL Servermysql_server
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-21053
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.10% / 27.11%
||
7 Day CHG~0.00%
Published-16 Apr, 2024 | 21:26
Updated-13 Feb, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-MySQL Servermysql_server
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-20998
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.10% / 27.11%
||
7 Day CHG~0.00%
Published-16 Apr, 2024 | 21:25
Updated-13 Feb, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-MySQL Servermysql
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-25790
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 39.39%
||
7 Day CHG~0.00%
Published-17 Mar, 2026 | 18:41
Updated-19 Mar, 2026 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment (SCA) decoder (`wazuh-analysisd`). The use of `sprintf` with a floating-point (`%lf`) format specifier on a fixed-size 128-byte buffer allows a remote attacker to overflow the stack. A specially crafted JSON event can trigger this overflow, leading to a denial of service (crash) or potential RCE on the Wazuh manager. The vulnerability is located in `/src/analysisd/decoders/security_configuration_assessment.c`, within the `FillScanInfo` and `FillCheckEventInfo` functions. In multiple locations, a 128-byte buffer (`char value[OS_SIZE_128];`) is allocated on the stack to hold the string representation of a number from a JSON event. The code checks if the number is an integer or a double. If it's a double, it uses `sprintf(value, "%lf", ...)` to perform the conversion. This `sprintf` call is unbounded. If a floating-point number with a large exponent (e.g., `1.0e150`) is provided, `sprintf` will attempt to write its full string representation (a "1" followed by 150 zeros), which is larger than the 128-byte buffer, corrupting the stack. Version 4.14.3 patches the issue.

Action-Not Available
Vendor-Wazuh, Inc.
Product-wazuhwazuh
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
Details not found