Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-6538

Summary
Assigner-GitLab
Assigner Org ID-ceab7361-8a18-47b1-92ba-4d7d25f6715a
Published At-30 Apr, 2026 | 05:38
Updated At-30 Apr, 2026 | 12:50
Rejected At-
Credits

Stack-based Buffer Overflow in Wireshark

BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitLab
Assigner Org ID:ceab7361-8a18-47b1-92ba-4d7d25f6715a
Published At:30 Apr, 2026 | 05:38
Updated At:30 Apr, 2026 | 12:50
Rejected At:
â–¼CVE Numbering Authority (CNA)
Stack-based Buffer Overflow in Wireshark

BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Affected Products
Vendor
Wireshark FoundationWireshark Foundation
Product
Wireshark
Default Status
unaffected
Versions
Affected
  • From 4.6.0 before 4.6.5 (semver)
  • From 4.4.0 before 4.4.15 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121: Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121: Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Upgrade to version 4.6.5 or above

Configurations
Workarounds
Exploits
Credits
finder
Sharon Brizinov
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.wireshark.org/security/wnpa-sec-2026-23.html
N/A
https://gitlab.com/wireshark/wireshark/-/issues/21120
issue-tracking
permissions-required
Hyperlink: https://www.wireshark.org/security/wnpa-sec-2026-23.html
Resource: N/A
Hyperlink: https://gitlab.com/wireshark/wireshark/-/issues/21120
Resource:
issue-tracking
permissions-required
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://gitlab.com/wireshark/wireshark/-/work_items/21120
exploit
Hyperlink: https://gitlab.com/wireshark/wireshark/-/work_items/21120
Resource:
exploit
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@gitlab.com
Published At:30 Apr, 2026 | 07:16
Updated At:01 May, 2026 | 18:15

BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CPE Matches
Wireshark Foundation
wireshark
>>wireshark>>Versions from 4.4.0(inclusive) to 4.4.14(inclusive)
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>Versions from 4.6.0(inclusive) to 4.6.4(inclusive)
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-121Secondarycve@gitlab.com
CWE ID: CWE-121
Type: Secondary
Source: cve@gitlab.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gitlab.com/wireshark/wireshark/-/issues/21120cve@gitlab.com
Exploit
Issue Tracking
https://www.wireshark.org/security/wnpa-sec-2026-23.htmlcve@gitlab.com
Vendor Advisory
https://gitlab.com/wireshark/wireshark/-/work_items/21120134c704f-9b21-4f2e-91b3-4a467353bcc0
Issue Tracking
Third Party Advisory
Hyperlink: https://gitlab.com/wireshark/wireshark/-/issues/21120
Source: cve@gitlab.com
Resource:
Exploit
Issue Tracking
Hyperlink: https://www.wireshark.org/security/wnpa-sec-2026-23.html
Source: cve@gitlab.com
Resource:
Vendor Advisory
Hyperlink: https://gitlab.com/wireshark/wireshark/-/work_items/21120
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Issue Tracking
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

72Records found
CVE-2024-9780
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.71%
||
7 Day CHG~0.00%
Published-10 Oct, 2024 | 06:30
Updated-27 Mar, 2026 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Initialization of a Variable in Wireshark

ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark Foundation
Product-wiresharkWiresharkwireshark
CWE ID-CWE-456
Missing Initialization of a Variable
CWE ID-CWE-909
Missing Initialization of Resource
CVE-2023-3648
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 5.20%
||
7 Day CHG~0.00%
Published-14 Jul, 2023 | 06:16
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mismatched Memory Management Routines in Wireshark

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark Foundation
Product-wiresharkWireshark
CWE ID-CWE-762
Mismatched Memory Management Routines
CVE-2019-9209
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.52% / 66.80%
||
7 Day CHG~0.00%
Published-28 Feb, 2019 | 04:00
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.

Action-Not Available
Vendor-n/aCanonical Ltd.Wireshark FoundationDebian GNU/LinuxopenSUSE
Product-wiresharkubuntu_linuxdebian_linuxleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-193
Off-by-one Error
CVE-2024-4855
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-3.6||LOW
EPSS-0.02% / 6.32%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 00:03
Updated-27 Mar, 2026 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in editcap

Use after free issue in editcap could cause denial of service via crafted capture file

Action-Not Available
Vendor-Wireshark FoundationFedora Project
Product-wiresharkfedoraeditcap
CWE ID-CWE-416
Use After Free
CVE-2024-11595
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.84%
||
7 Day CHG~0.00%
Published-21 Nov, 2024 | 09:30
Updated-27 Mar, 2026 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark Foundation
Product-wiresharkWiresharkwireshark
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2024-11596
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 6.19%
||
7 Day CHG~0.00%
Published-21 Nov, 2024 | 09:30
Updated-27 Mar, 2026 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Wireshark

ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark Foundation
Product-wiresharkWiresharkwireshark
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-8250
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.08%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 23:30
Updated-27 Mar, 2026 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Expired Pointer Dereference in Wireshark

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark Foundation
Product-wiresharkWiresharkwireshark
CWE ID-CWE-825
Expired Pointer Dereference
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-3649
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 7.46%
||
7 Day CHG~0.00%
Published-14 Jul, 2023 | 06:16
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Wireshark

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark Foundation
Product-wiresharkWireshark
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2022-43295
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.45%
||
7 Day CHG~0.00%
Published-14 Nov, 2022 | 00:00
Updated-13 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.

Action-Not Available
Vendor-xpdfreadern/a
Product-xpdfn/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38750
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 44.44%
||
7 Day CHG~0.00%
Published-05 Sep, 2022 | 00:00
Updated-20 Nov, 2024 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS in SnakeYAML

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

Action-Not Available
Vendor-snakeyaml_projectsnakeyamlDebian GNU/Linux
Product-debian_linuxsnakeyamlSnakeYAML
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-34542
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.01% / 1.82%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 22:05
Updated-20 Apr, 2026 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV: SBO in CIccCalculatorFunc::Apply()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow (SBO) in CIccCalculatorFunc::Apply() when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as a 4-byte write stack-buffer-overflow in IccProfLib/IccMpeCalc.cpp:3873, reachable through the MPE calculator / curve set initialization path. This issue has been patched in version 2.3.1.6.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-30980
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 2.03%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 18:07
Updated-13 Mar, 2026 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has a stack overflow in CIccBasicStructFactory::CreateStruct()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack overflow in CIccBasicStructFactory::CreateStruct() causing uncontrolled recursion/stack exhaustion and crash. This vulnerability is fixed in 2.3.1.5.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2022-1068
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-5.5||MEDIUM
EPSS-0.18% / 39.93%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 22:17
Updated-16 Apr, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Modbus Tools Modbus Slave Stack-Based Buffer Overflow

Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used.

Action-Not Available
Vendor-modbustoolsModbus Tools
Product-modbus_slaveModbus Slave
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-37127
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-6.9||MEDIUM
EPSS-0.01% / 0.28%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-05 Feb, 2026 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
dnsmasq-utils 2.79-1 - 'dhcp_release' Denial of Service

Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcp_release process by sending a crafted input string longer than 16 characters.

Action-Not Available
Vendor-dnsmasq
Product-dnsmasq-utils
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37121
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.40%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-06 Feb, 2026 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODE::BLOCKS 16.01 - Buffer Overflow (SEH) UNICODE

CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler with crafted Unicode characters. Attackers can create a malicious M3U playlist file with 536 bytes of buffer and shellcode to trigger remote code execution.

Action-Not Available
Vendor-Code::Blocks
Product-Code::Blocks
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-4756
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 13.00%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 08:24
Updated-19 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in gpac/gpac

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.

Action-Not Available
Vendor-GPAC
Product-gpacgpac/gpac
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-70305
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 0.68%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 00:00
Updated-23 Jan, 2026 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-3195
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.95%
||
7 Day CHG~0.00%
Published-16 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.

Action-Not Available
Vendor-n/aFedora ProjectImageMagick Studio LLC
Product-extra_packages_for_enterprise_linuxfedoraimagemagickImageMagick
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-29583
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.13% / 31.76%
||
7 Day CHG+0.02%
Published-24 Apr, 2023 | 00:00
Updated-02 Aug, 2024 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.

Action-Not Available
Vendor-yasm_projectn/ayasm_project
Product-yasmn/ayasm
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-2837
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 9.24%
||
7 Day CHG~0.00%
Published-22 May, 2023 | 00:00
Updated-21 Jan, 2025 | 15:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in gpac/gpac

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.

Action-Not Available
Vendor-GPAC
Product-gpacgpac/gpac
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-1709
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.73%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 20:36
Updated-06 Jan, 2025 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Datalogics Library APDFL Stack-based Buffer Overflow

Datalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process.

Action-Not Available
Vendor-DatalogicsSiemens AG
Product-jt2goteamcenter_visualizationLibrary APDFLJT2GoTeamcenter Visualization
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-70309
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 6.28%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 00:00
Updated-23 Jan, 2026 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted WAV file.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/a
CWE ID-CWE-121
Stack-based Buffer Overflow
  • Previous
  • 1
  • 2
  • Next
Details not found