Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,225)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-21443 1Qualcomm 36Qam8255p Firmware Qam8295p FirmwareQam8620p Firmware+33 more Jun 17, 2026 Apr 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while processing message content in eAVB.
CVE-2025-3346 1Tenda 1Ac7 Firmware Jun 17, 2026 Apr 7, 2025 8.7 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. Affected by this issue is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument pptp_serv...Show more A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. Affected by this issue is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument pptp_server_start_ip/pptp_server_end_ip leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-58110 1Huawei 1Harmonyos Jun 17, 2026 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58109 1Huawei 1Harmonyos Jun 17, 2026 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58108 1Huawei 1Harmonyos Jun 17, 2026 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58107 1Huawei 1Harmonyos Jun 17, 2026 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58106 1Huawei 1Harmonyos Jun 17, 2026 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-3328 1Tenda 1Ac1206 Firmware Jun 17, 2026 Apr 7, 2025 8.7 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument s...Show more A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid/timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.Show less
CVE-2025-29476 - - Jun 17, 2026 Apr 4, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer Overflow vulnerability in compress_chunk_fuzzer with oss-fuzz on commit 16450518afddcb3139de627157208e49bfef6987 in c-blosc2 v.2.17.0 and before.
CVE-2025-3194 - - Jun 17, 2026 Apr 4, 2025 7.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 Versions of the package bigint-buffer from 0.0.0 are vulnerable to Buffer Overflow in the toBigIntLE() function. Attackers can exploit this to crash the application.
CVE-2025-29462 1Tenda 1Ac15 Firmware Jun 17, 2026 Apr 3, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in...Show more A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on the stack.Show less
CVE-2025-3148 1Code Projects 1Product Management System Jun 17, 2026 Apr 3, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 1.7 LOW· v2 A vulnerability was found in codeprojects Product Management System 1.0 and classified as problematic. This issue affects some unknown processing of the component Login. The manipulation of the argument Str1 leads to buf...Show more A vulnerability was found in codeprojects Product Management System 1.0 and classified as problematic. This issue affects some unknown processing of the component Login. The manipulation of the argument Str1 leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-3139 1Fabian 1Bus Reservation System Jun 17, 2026 Apr 3, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical. Affected by this issue is the function Login of the component Login Form. The manipulation of the argument Str1 leads to b...Show more A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical. Affected by this issue is the function Login of the component Login Form. The manipulation of the argument Str1 leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-28398 1Dlink 1Di 8100 Firmware Jun 17, 2026 Apr 1, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.
CVE-2025-28395 1Dlink 1Di 8100 Firmware Jun 17, 2026 Apr 1, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter.
CVE-2025-1660 1Autodesk 1Navisworks Jun 17, 2026 Apr 1, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the cur...Show more A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.Show less
CVE-2025-24266 1Apple 1Macos Jun 17, 2026 Mar 31, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
CVE-2025-24237 1Apple 4Ipados Iphone OsMacos+1 more Jun 17, 2026 Mar 31, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. An...Show more A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination.Show less
CVE-2025-24209 1Apple 5Ipados Iphone OsMacos+2 more Jun 17, 2026 Mar 31, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. Processing maliciously crafte...Show more A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2025-24157 1Apple 1Macos Jun 17, 2026 Mar 31, 2025 N/A· v4 5.6 MEDIUM· v3 N/A· v2 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination or corr...Show more A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.Show less

Previous 1...575859...212 Next