Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-26952 1Linux 1Linux Kernel Jun 17, 2026 May 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invali...Show more In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to ->Buffer offset to validate buffer length.Show less
CVE-2024-26936 1Linux 1Linux Kernel Jun 17, 2026 May 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2_allocate_rsp_buf() The response buffer should be allocated in smb2_allocate_rsp_buf before validating requ...Show more In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2_allocate_rsp_buf() The response buffer should be allocated in smb2_allocate_rsp_buf before validating request. But the fields in payload as well as smb2 header is used in smb2_allocate_rsp_buf(). This patch add simple buffer size validation to avoid potencial out-of-bounds in request buffer.Show less
CVE-2023-46960 - - Jun 17, 2026 Apr 29, 2024 N/A· v4 8.6 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacker to cause a denial of service via the handle function in the tftp module.
CVE-2023-46566 - - Jun 17, 2026 Apr 29, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e31745138a30e2509145b0c529c allows a remote attacker to cause a denial of service via the parse function in the TftpPacketFactory class.
CVE-2023-46565 - - Jun 17, 2026 Apr 29, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in osrg gobgp commit 419c50dfac578daa4d11256904d0dc182f1a9b22 allows a remote attacker to cause a denial of service via the handlingError function in pkg/server/fsm.go.
CVE-2023-52080 - - Jun 17, 2026 Apr 29, 2024 N/A· v4 7.7 HIGH· v3 N/A· v2 IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT->GetVariable() function. Attackers with access to local NVRAM variables can exploit this by modifying these var...Show more IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT->GetVariable() function. Attackers with access to local NVRAM variables can exploit this by modifying these variables on SPI Flash, resulting in memory data being tampered with. When critical data in memory data is tampered with,a crash may occur.Show less
CVE-2024-1969 - - Jun 17, 2026 Apr 29, 2024 N/A· v4 8.2 HIGH· v3 N/A· v2 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033....Show more Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033. Show less
CVE-2022-48657 1Linux 1Linux Kernel Jun 17, 2026 Apr 28, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: arm64: topology: fix possible overflow in amu_fie_setup() cpufreq_get_hw_max_freq() returns max frequency in kHz as unsigned int, while freq_inv_set...Show more In the Linux kernel, the following vulnerability has been resolved: arm64: topology: fix possible overflow in amu_fie_setup() cpufreq_get_hw_max_freq() returns max frequency in kHz as unsigned int, while freq_inv_set_max_ratio() gets passed this frequency in Hz as 'u64'. Multiplying max frequency by 1000 can potentially result in overflow -- multiplying by 1000ULL instead should avoid that... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.Show less
CVE-2024-26927 1Linux 1Linux Kernel Jun 17, 2026 Apr 28, 2024 N/A· v4 8.4 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data Smatch complains about "head->full_size - head->header_size" can underflow. To some extent, we'r...Show more In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data Smatch complains about "head->full_size - head->header_size" can underflow. To some extent, we're always going to have to trust the firmware a bit. However, it's easy enough to add a check for negatives, and let's add a upper bounds check as well.Show less
CVE-2023-50364 1Qnap 2Qts Quts Hero Jun 17, 2026 Apr 26, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later Show less
CVE-2023-50362 1Qnap 2Qts Quts Hero Jun 17, 2026 Apr 26, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later Show less
CVE-2023-50361 1Qnap 2Qts Quts Hero Jun 17, 2026 Apr 26, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later Show less
CVE-2024-32324 1Szlbt 1Lbt T300 T400 Firmware Jun 17, 2026 Apr 25, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v.3.2 allows a local attacker to execute arbitrary code via the vpn_client_ip variable of the config_vpn_pptp function in rc program.
CVE-2024-20313 1Cisco 1Ios Xe Jun 17, 2026 Apr 24, 2024 N/A· v4 7.4 HIGH· v3 N/A· v2 A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS)...Show more A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of OSPF updates that are processed by a device. An attacker could exploit this vulnerability by sending a malformed OSPF update to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.Show less
CVE-2024-33214 1Tenda 1Fh1206 Firmware Jun 17, 2026 Apr 23, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter in ip/goform/RouteStatic.
CVE-2024-30799 1Dronecode 1Px4 Drone Autopilot Jun 17, 2026 Apr 22, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 An issue in PX4 Autopilot v1.14 and before allows a remote attacker to execute arbitrary code and cause a denial of service via the Breach Return Point function.
CVE-2024-4020 1Tenda 1Fh1206 Firmware Jun 17, 2026 Apr 20, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument entrys leads to buffer o...Show more A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument entrys leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-22905 1Arm 1Mbed Os Jun 17, 2026 Apr 19, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function.
CVE-2023-51798 2Fedoraproject Ffmpeg 2Fedora Ffmpeg Jun 17, 2026 Apr 19, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.
CVE-2023-51796 2Fedoraproject Ffmpeg 2Fedora Ffmpeg Jun 17, 2026 Apr 19, 2024 N/A· v4 3.6 LOW· v3 N/A· v2 Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.

Previous 1...929394...212 Next