Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-49041 1Synology 1Drive Client Jun 17, 2026 Sep 26, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to...Show more Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.Show less
CVE-2022-49040 1Synology 1Drive Client Jun 17, 2026 Sep 26, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to...Show more Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.Show less
CVE-2024-23972 1Sony 1Xav Ax5500 Firmware Jun 17, 2026 Sep 23, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5...Show more Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the USB host driver. A crafted USB configuration descriptor can trigger an overflow of a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23185Show less
CVE-2024-9088 1Razormist 1Telecom Billing Management System Jun 17, 2026 Sep 22, 2024 5.3 MEDIUM· v4 9.8 CRITICAL· v3 5.8 MEDIUM· v2 A vulnerability has been found in SourceCodester Telecom Billing Management System 1.0 and classified as critical. This vulnerability affects the function login. The manipulation of the argument uname leads to buffer ove...Show more A vulnerability has been found in SourceCodester Telecom Billing Management System 1.0 and classified as critical. This vulnerability affects the function login. The manipulation of the argument uname leads to buffer overflow. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-46652 1Tenda 1Ac8 Firmware Jun 17, 2026 Sep 20, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function.
CVE-2024-40568 - - Jun 17, 2026 Sep 18, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 allows a remote attacker to execute arbitrary code via the pb_adv_handle_tranaction_cont function in the src/mesh/pb_...Show more Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 allows a remote attacker to execute arbitrary code via the pb_adv_handle_tranaction_cont function in the src/mesh/pb_adv.c componentShow less
CVE-2024-34057 2Siemens Trianglemicroworks 6Iec 61850 Source Code Library Sicam A8000 FirmwareSicam Egs Firmware+3 more Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in a denial of service.
CVE-2024-46598 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iprofileidx parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46597 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPubKey parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46596 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sAct parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46595 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the saveitem parameter at lan2lan.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46594 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the saveVPNProfile parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46593 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the trapcomm parameter at cgiswm.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46592 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ssidencrypt_5g%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46591 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sDnsPro parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46590 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ssidencrypt%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46589 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sIpv6AiccuUser parameter at inetipv6.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46588 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at wizfw.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46586 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sCloudPass parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46585 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at usergrp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Previous 1...798081...212 Next