Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,226)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-25505 1Tenda 1Ac6 Firmware Jun 17, 2026 Feb 21, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the sub_452A4 function.
CVE-2025-25678 1Tenda 1I12 Firmware Jun 17, 2026 Feb 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.
CVE-2025-25676 1Tenda 1I12 Firmware Jun 17, 2026 Feb 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.
CVE-2025-25674 1Tenda 1Ac10 Firmware Jun 17, 2026 Feb 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via the parameter ssid.
CVE-2025-25668 1Tenda 1Ac8 Firmware Jun 17, 2026 Feb 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_47D878 function.
CVE-2025-25667 1Tenda 1Ac8 Firmware Jun 17, 2026 Feb 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
CVE-2025-25664 1Tenda 1Ac8 Firmware Jun 17, 2026 Feb 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function.
CVE-2025-25663 1Tenda 1Ac8 Firmware Jun 17, 2026 Feb 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow.
CVE-2025-25662 1Tenda 1O4 Firmware Jun 17, 2026 Feb 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda O4 V3.0 V1.0.0.10(2936) is vulnerable to Buffer Overflow in the function SafeSetMacFilter of the file /goform/setMacFilterList via the argument remark/type/time.
CVE-2023-46271 - - Jun 17, 2026 Feb 19, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Extreme Networks IQ Engine before 10.6r1a, and through 10.6r4 before 10.6r5, has a buffer overflow. This issue arises from the ah_webui service, which listens on TCP port 3009 by default.
CVE-2025-25474 2Debian Offis 2Dcmtk Debian Linux Jun 17, 2026 Feb 18, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h.
CVE-2025-25472 2Debian Offis 2Dcmtk Debian Linux Jun 17, 2026 Feb 18, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file.
CVE-2025-1372 1Elfutils Project 1Elfutils Jun 17, 2026 Feb 17, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf....Show more A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue.Show less
CVE-2025-1368 1Escanav 1Escan Anti Virus Jun 17, 2026 Feb 17, 2025 4.6 MEDIUM· v4 2.3 LOW· v3 1.4 LOW· v2 A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects the function ReadConfiguration of the file /opt/MicroWorld/etc/mwav.conf. The manipu...Show more A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects the function ReadConfiguration of the file /opt/MicroWorld/etc/mwav.conf. The manipulation of the argument BasePath leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-1367 1Escanav 1Escan Anti Virus Jun 17, 2026 Feb 17, 2025 4.8 MEDIUM· v4 5.3 MEDIUM· v3 4.3 MEDIUM· v2 A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects the function sprintf of the component USB Password Handler. The manipulation leads to buffer overfl...Show more A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects the function sprintf of the component USB Password Handler. The manipulation leads to buffer overflow. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-1365 1Elfutils Project 1Elfutils Jun 17, 2026 Feb 17, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads t...Show more A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue.Show less
CVE-2025-25900 1Tp Link 1Tl Wr841nd V11 Firmware Jun 17, 2026 Feb 13, 2025 N/A· v4 4.9 MEDIUM· v3 N/A· v2 A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at /userRpm/PPPoEv6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via...Show more A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at /userRpm/PPPoEv6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.Show less
CVE-2025-25343 1Tenda 1Ac6 Firmware Jun 17, 2026 Feb 12, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function.
CVE-2024-0144 - - Jun 17, 2026 Feb 12, 2025 N/A· v4 6.8 MEDIUM· v3 N/A· v2 NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to data tamperin...Show more NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to data tampering.Show less
CVE-2025-25530 - - Jun 17, 2026 Feb 11, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer overflow vulnerability in Digital China DCBI-Netlog-LAB Gateway 1.0 due to the lack of length verification, which is related to saving parental control configuration information. Attackers who successfully exploit...Show more Buffer overflow vulnerability in Digital China DCBI-Netlog-LAB Gateway 1.0 due to the lack of length verification, which is related to saving parental control configuration information. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.Show less

Previous 1...616263...212 Next