Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-6143 1Actiontec 1Wcb6200q Firmware Jun 17, 2026 Jun 19, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q ro...Show more Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21414.Show less
CVE-2024-6142 1Actiontec 1Wcb6200q Firmware Jun 17, 2026 Jun 19, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q r...Show more Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21410.Show less
CVE-2024-37305 - - Jun 17, 2026 Jun 17, 2024 N/A· v4 8.2 HIGH· v3 N/A· v2 oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way...Show more oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue.Show less
CVE-2024-24320 1Mgt Commerce 1Cloudpanel Jun 17, 2026 Jun 14, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles functio...Show more Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function.Show less
CVE-2024-37637 1Totolink 1A3700r Firmware Jun 17, 2026 Jun 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg.
CVE-2024-0099 - - Jun 17, 2026 Jun 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause buffer overrun in the host. A successful exploit of this vulnerability might lead to information disclosu...Show more NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause buffer overrun in the host. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.Show less
CVE-2024-32907 1Google 1Android Jun 17, 2026 Jun 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In memcall_add of memlog.c, there is a possible buffer overflow due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n...Show more In memcall_add of memlog.c, there is a possible buffer overflow due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-37635 1Totolink 1A3700r Firmware Jun 17, 2026 Jun 13, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
CVE-2024-37632 1Totolink 1A3700r Firmware Jun 17, 2026 Jun 13, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .
CVE-2024-36760 - - Jun 17, 2026 Jun 13, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 A stack overflow vulnerability was found in version 1.18.0 of rhai. The flaw position is: (/ SRC/rhai/SRC/eval/STMT. Rs in rhai: : eval: : STMT: : _ $LT $impl $u20 $rhai.. engine.. Engine$GT$::eval_stmt::h3f1d68ce37fc6e9...Show more A stack overflow vulnerability was found in version 1.18.0 of rhai. The flaw position is: (/ SRC/rhai/SRC/eval/STMT. Rs in rhai: : eval: : STMT: : _ $LT $impl $u20 $rhai.. engine.. Engine$GT$::eval_stmt::h3f1d68ce37fc6e96). Due to the stack overflow is a recursive call/SRC/rhai/SRC/eval/STMT. Rs file eval_stmt_block function.Show less
CVE-2024-37040 1Schneider Electric 1Sage Rtu Firmware Jun 17, 2026 Jun 12, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malform...Show more CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request.Show less
CVE-2024-36650 1Totolink 1A3100r Firmware Jun 17, 2026 Jun 11, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is...Show more TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing attackers to construct malicious HTTP or MQTT requests to cause a denial-of-service attack.Show less
CVE-2022-37020 1Hp 26Elite Slice Firmware Elite Slice For Meeting Rooms FirmwareElitebook 1040 G3 Firmware+23 more Jun 17, 2026 Jun 10, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vuln...Show more Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities.Show less
CVE-2024-24192 1Robertdavidgraham 1Robdns Jun 17, 2026 Jun 6, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 robdns commit d76d2e6 was discovered to contain a heap overflow via the component block->filename at /src/zonefile-insertion.c.
CVE-2024-5305 1Tungstenautomation 1Power Pdf Jun 17, 2026 Jun 6, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User in...Show more Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22921.Show less
CVE-2024-5463 1Synology 2Bc500 Firmware Tc500 Firmware Jun 17, 2026 Jun 4, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to write specific files containing non-sensitive in...Show more A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors. This attack only affects the login service which will automatically restart. The following models with Synology Camera Firmware versions before 1.1.1-0383 may be affected: BC500 and TC500.Show less
CVE-2023-43556 1Qualcomm 65Ar8035 Firmware Fastconnect 6700 FirmwareFastconnect 6900 Firmware+62 more Jun 17, 2026 Jun 3, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Memory corruption in Hypervisor when platform information mentioned is not aligned.
CVE-2023-43542 1Qualcomm 2029205 Lte Modem Firmware Aqt1000 FirmwareAr8031 Firmware+199 more Jun 17, 2026 Jun 3, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.
CVE-2023-43538 1Qualcomm 133Aqt1000 Firmware Ar8035 FirmwareFastconnect 6200 Firmware+130 more Jun 17, 2026 Jun 3, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.
CVE-2024-5564 - - Jun 17, 2026 May 31, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp...Show more A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.Show less

Previous 1...888990...212 Next