Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-39358 1Wavlink 1Wl Wn533a8 Firmware Jun 17, 2026 Jan 14, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer overflow vulnerability exists in the adm.cgi set_wzap() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authe...Show more A buffer overflow vulnerability exists in the adm.cgi set_wzap() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2024-39299 1Wavlink 1Wl Wn533a8 Firmware Jun 17, 2026 Jan 14, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer overflow vulnerability exists in the qos.cgi qos_sta_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make...Show more A buffer overflow vulnerability exists in the qos.cgi qos_sta_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2024-39294 1Wavlink 1Wl Wn533a8 Firmware Jun 17, 2026 Jan 14, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer overflow vulnerability exists in the adm.cgi set_wzdgw4G() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an au...Show more A buffer overflow vulnerability exists in the adm.cgi set_wzdgw4G() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2024-39288 1Wavlink 1Wl Wn533a8 Firmware Jun 17, 2026 Jan 14, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer overflow vulnerability exists in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can m...Show more A buffer overflow vulnerability exists in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2024-37357 1Wavlink 1Wl Wn533a8 Firmware Jun 17, 2026 Jan 14, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer overflow vulnerability exists in the adm.cgi set_TR069() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an auth...Show more A buffer overflow vulnerability exists in the adm.cgi set_TR069() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2024-37184 1Wavlink 1Wl Wn533a8 Firmware Jun 17, 2026 Jan 14, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer overflow vulnerability exists in the adm.cgi rep_as_bridge() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an...Show more A buffer overflow vulnerability exists in the adm.cgi rep_as_bridge() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2024-36290 1Wavlink 1Wl Wn533a8 Firmware Jun 17, 2026 Jan 14, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an u...Show more A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.Show less
CVE-2024-36272 1Wavlink 1Wl Wn533a8 Firmware Jun 17, 2026 Jan 14, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer overflow vulnerability exists in the usbip.cgi set_info() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an aut...Show more A buffer overflow vulnerability exists in the usbip.cgi set_info() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2024-6352 - - Jun 17, 2026 Jan 13, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A malformed packet can cause a buffer overflow in the APS layer of the Ember ZNet stack and lead to an assert
CVE-2025-22946 1Tenda 1Ac9 Firmware Jun 17, 2026 Jan 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution.
CVE-2024-48806 - - Jun 17, 2026 Jan 9, 2025 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Buffer Overflow vulnerability in Neat Board NFC v.1.20240620.0015 allows a physically proximate attackers to escalate privileges via a crafted payload to the password field
CVE-2024-54887 1Tp Link 1Tl Wr940n Firmware Jun 17, 2026 Jan 9, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker...Show more TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user.Show less
CVE-2024-10106 - - Jun 17, 2026 Jan 9, 2025 N/A· v4 3.7 LOW· v3 N/A· v2 A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer.
CVE-2024-6350 - - Jun 17, 2026 Jan 8, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A malformed 802.15.4 packet causes a buffer overflow to occur leading to an assert and a denial of service. A watchdog reset clears the error condition automatically.
CVE-2024-56456 1Huawei 1Harmonyos Jun 17, 2026 Jan 8, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56455 1Huawei 1Harmonyos Jun 17, 2026 Jan 8, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56454 1Huawei 1Harmonyos Jun 17, 2026 Jan 8, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56453 1Huawei 1Harmonyos Jun 17, 2026 Jan 8, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56452 1Huawei 1Harmonyos Jun 17, 2026 Jan 8, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56450 1Huawei 2Emui Harmonyos Jun 17, 2026 Jan 8, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.

Previous 1...666768...212 Next