Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-4301 1Apple 1Smart Card Services Jul 29, 2025 Jan 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 This issue is fixed in SCSSU-201801. A potential stack based buffer overflow existed in GemaltoKeyHandle.cpp.
CVE-2024-40427 1Dronecode 1Px4 Drone Autopilot Jun 17, 2026 Jan 7, 2025 N/A· v4 7.9 HIGH· v3 N/A· v2 Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute
CVE-2024-46601 1Elspec Ltd 1G5dfr Firmware Jun 17, 2026 Jan 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow.
CVE-2024-45547 1Qualcomm 10Fastconnect 6900 Firmware Fastconnect 7800 FirmwareQcc2073 Firmware+7 more Jun 17, 2026 Jan 6, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality.
CVE-2024-45541 1Qualcomm 51Aqt1000 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+48 more Jun 17, 2026 Jan 6, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption when IOCTL call is invoked from user-space to read board data.
CVE-2024-21464 1Qualcomm 21Fastconnect 6700 Firmware Fastconnect 6900 FirmwareFastconnect 7800 Firmware+18 more Jun 17, 2026 Jan 6, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while processing IPA statistics, when there are no active clients registered.
CVE-2024-47032 1Google 1Android Jun 17, 2026 Jan 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. U...Show more In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-12988 1Netgear 2R6900p Firmware R7000p Firmware Jun 17, 2026 Dec 27, 2024 6.9 MEDIUM· v4 7.5 HIGH· v3 7.5 HIGH· v2 A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the arg...Show more A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.Show less
CVE-2024-56590 1Linux 1Linux Kernel Jun 17, 2026 Dec 27, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet This fixes not checking if skb really contains an ACL header otherwise the code...Show more In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet This fixes not checking if skb really contains an ACL header otherwise the code may attempt to access some uninitilized/invalid memory past the valid skb->data.Show less
CVE-2024-56557 1Linux 1Linux Kernel Jun 17, 2026 Dec 27, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer The AD7923 was updated to support devices with 8 channels, but the size of tx_buf and r...Show more In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer The AD7923 was updated to support devices with 8 channels, but the size of tx_buf and ring_xfer was not increased accordingly, leading to a potential buffer overflow in ad7923_update_scan_mode().Show less
CVE-2024-53192 1Linux 1Linux Kernel Jun 17, 2026 Dec 27, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access Flexible-array member `hws` in `struct clk_hw_onecell_data` is annot...Show more In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access Flexible-array member `hws` in `struct clk_hw_onecell_data` is annotated with the `counted_by()` attribute. This means that when memory is allocated for this array, the _counter_, which in this case is member `num` in the flexible structure, should be set to the maximum number of elements the flexible array can contain, or fewer. In this case, the total number of elements for the flexible array is determined by variable `clks_num` when allocating heap space via `devm_kzalloc()`, as shown below: 289 struct loongson2_clk_provider *clp; ... 296 for (p = data; p->name; p++) 297 clks_num++; 298 299 clp = devm_kzalloc(dev, struct_size(clp, clk_data.hws, clks_num), 300 GFP_KERNEL); So, `clp->clk_data.num` should be set to `clks_num` or less, and not exceed `clks_num`, as is currently the case. Otherwise, if data is written into `clp->clk_data.hws[clks_num]`, the instrumentation provided by the compiler won't detect the overflow, leading to a memory corruption bug at runtime. Fix this issue by setting `clp->clk_data.num` to `clks_num`.Show less
CVE-2024-47864 - - Jun 17, 2026 Dec 23, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the product down.
CVE-2020-6923 - - Jun 17, 2026 Dec 19, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer overflow.
CVE-2024-12373 - - Jun 17, 2026 Dec 18, 2024 9.3 CRITICAL· v4 N/A· v3 N/A· v2 A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.
CVE-2024-29646 1Radare 1Radare2 Jun 17, 2026 Dec 17, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.
CVE-2024-12194 1Autodesk 1Navisworks Jun 17, 2026 Dec 17, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the cur...Show more A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.Show less
CVE-2024-37607 1Dlink 1Dap 2555 Firmware Jun 17, 2026 Dec 17, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A Buffer overflow vulnerability in D-Link DAP-2555 REVA_FIRMWARE_1.20 allows remote attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVE-2024-37606 1Dlink 1Dcs 932l Firmware Jun 17, 2026 Dec 17, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A Stack overflow vulnerability in D-Link DCS-932L REVB_FIRMWARE_2.18.01 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVE-2024-52949 1Iptraf Ng 1Iptraf Ng Jun 17, 2026 Dec 16, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.
CVE-2024-29671 - - Jun 17, 2026 Dec 16, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to execute arbitrary code via the POST request handler component.

Previous 1...676869...212 Next