Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-46584 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the AControlIp1 parameter at acontrol.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46583 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the extRadSrv2 parameter at cgiapp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46582 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sSrvAddr parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46581 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46580 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the fid parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46571 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPPPSrvNm parameter at fwuser.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46568 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPeerId parameter at vpn.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46567 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iProfileIdx parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46566 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sAppName parameter at sslapp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46565 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sSrvName parameter at service.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46564 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at fextobj.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46561 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the queryret parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46560 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pub_key parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46559 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_UsrNme parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46558 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the newProname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46557 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46556 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sInRCSecret0 parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46555 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pb parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46554 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the profname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-46553 1Draytek 1Vigor3910 Firmware Jun 17, 2026 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ipaddrmsk%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Previous 1...808182...212 Next