Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,226)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-50664 1Gpac 1Gpac Jun 17, 2026 Jan 23, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box.
CVE-2024-56914 1Dlink 1Dsl 3782 Firmware Jun 17, 2026 Jan 22, 2025 N/A· v4 5.7 MEDIUM· v3 N/A· v2 D-Link DSL-3782 v1.01 is vulnerable to Buffer Overflow in /New_GUI/ParentalControl.asp.
CVE-2024-24419 1Linuxfoundation 1Magma Jun 17, 2026 Jan 21, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_traffic_flow_template_packet_filter function at /3gpp/3gpp_24....Show more The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_traffic_flow_template_packet_filter function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.Show less
CVE-2024-24418 1Linuxfoundation 1Magma Jun 17, 2026 Jan 21, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_pdn_address function at /nas/ies/PdnAddress.cpp. This vulnerab...Show more The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_pdn_address function at /nas/ies/PdnAddress.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.Show less
CVE-2024-24417 1Linuxfoundation 1Magma Jun 17, 2026 Jan 21, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_s...Show more The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.Show less
CVE-2024-24416 1Linuxfoundation 1Magma Jun 17, 2026 Jan 21, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gpp_24.008_sm_ies.c. T...Show more The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.Show less
CVE-2024-24451 - - Jun 17, 2026 Jan 21, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections...Show more A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.Show less
CVE-2024-57545 1Linksys 1E8450 Firmware Jun 17, 2026 Jan 21, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification.
CVE-2024-57544 1Linksys 1E8450 Firmware Jun 17, 2026 Jan 21, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.
CVE-2024-57543 1Linksys 1E8450 Firmware Jun 17, 2026 Jan 21, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification.
CVE-2024-57541 1Linksys 1E8450 Firmware Jun 17, 2026 Jan 21, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification.
CVE-2024-57540 1Linksys 1E8450 Firmware Jun 17, 2026 Jan 21, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification.
CVE-2024-57538 1Linksys 1E8450 Firmware Jun 17, 2026 Jan 21, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification.
CVE-2024-57537 1Linksys 1E8450 Firmware Jun 17, 2026 Jan 21, 2025 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification.
CVE-2018-9387 1Google 1Android Jun 17, 2026 Jan 18, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User inte...Show more In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-13503 - - Jun 17, 2026 Jan 17, 2025 9.5 CRITICAL· v4 N/A· v3 N/A· v2 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM (Updating signaling process in the swdownload binary modules) allows Local E...Show more Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM (Updating signaling process in the swdownload binary modules) allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250, NTC2299: from 1.0.1.1 through 2.2.6.19. The issue is both present on the PowerPC versions of the modem and the ARM versions. A stack buffer buffer overflow in the swdownload binary allows attackers to execute arbitrary code. The parse_INFO function uses an unrestricted `sscanf` to read a string of an incoming network packet into a statically sized buffer.Show less
CVE-2024-57703 1Tenda 1Ac8 Firmware Jun 17, 2026 Jan 16, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-bas...Show more Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow.Show less
CVE-2024-57578 1Tenda 1Ac18 Firmware Jun 17, 2026 Jan 16, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function.
CVE-2024-57577 1Tenda 1Ac18 Firmware Jun 17, 2026 Jan 16, 2025 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
CVE-2025-22916 1Edimax 1Re11s Firmware Jun 17, 2026 Jan 16, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 RE11S v1.11 was discovered to contain a stack overflow via the pppUserName parameter in the formPPPoESetup function.

Previous 1...646566...212 Next