Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-51793 1Ffmpeg 1Ffmpeg Jun 17, 2026 Apr 19, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.
CVE-2023-50010 2Fedoraproject Ffmpeg 2Fedora Ffmpeg Jun 17, 2026 Apr 19, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.
CVE-2023-50008 2Fedoraproject Ffmpeg 2Fedora Ffmpeg Jun 17, 2026 Apr 19, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:9 component.
CVE-2023-49502 2Fedoraproject Ffmpeg 2Fedora Ffmpeg Jun 17, 2026 Apr 19, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
CVE-2024-31040 1Emqx 1Nanomq Jun 17, 2026 Apr 17, 2024 N/A· v4 2.7 LOW· v3 N/A· v2 Buffer Overflow vulnerability in the get_var_integer function in mqtt_parser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted hexstreams.
CVE-2024-26915 1Linux 1Linux Kernel Jun 17, 2026 Apr 17, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well.
CVE-2023-46060 1Tenda 1Ac500 Firmware Jun 17, 2026 Apr 17, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 A Buffer Overflow vulnerability in Tenda AC500 v.2.0.1.9 allows a remote attacker to cause a denial of service via the port parameter at the goform/setVlanInfo component.
CVE-2024-26889 2Debian Linux 2Debian Linux Linux Kernel Jun 17, 2026 Apr 17, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fixed size name[8] field so in the event that hdev->name is bigger than th...Show more In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fixed size name[8] field so in the event that hdev->name is bigger than that strcpy would attempt to write past its size, so this fixes this problem by switching to use strscpy.Show less
CVE-2022-24807 4Debian FedoraprojectNet Snmp+1 more 15Debian Linux Enterprise LinuxEnterprise Linux Eus+12 more Jun 17, 2026 Apr 16, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory...Show more net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. Show less
CVE-2022-24805 4Debian FedoraprojectNet Snmp+1 more 15Debian Linux Enterprise LinuxEnterprise Linux Eus+12 more Jun 17, 2026 Apr 16, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds m...Show more net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. Show less
CVE-2024-3871 - - Jun 17, 2026 Apr 16, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements multiple features that are affected by command injections and stack overflows vulnerabilities. Successf...Show more The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements multiple features that are affected by command injections and stack overflows vulnerabilities. Successful exploitation of these flaws would allow remote unauthenticated attackers to gain remote code execution with elevated privileges on the affected devices. This issue affects DVW-W02W2-E2 through version 2.5.2. Show less
CVE-2024-1755 1Computy 1Nps Computy Jun 17, 2026 Apr 15, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
CVE-2024-22526 1Bandisoft 1Bandiview Jun 17, 2026 Apr 12, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer Overflow vulnerability in bandisoft bandiview v7.0, allows local attackers to cause a denial of service (DoS) via exr image file.
CVE-2024-23077 1Jfree 1Jfreechart Jun 17, 2026 Apr 10, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the component /chart/plot/CompassPlot.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to...Show more JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the component /chart/plot/CompassPlot.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.Show less
CVE-2024-3120 1Irontec 1Sngrep Jun 17, 2026 Apr 10, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_va...Show more A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_validate_packet and sip_parse_extra_headers functions within src/sip.c. This vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via crafted SIP messages.Show less
CVE-2024-3119 1Irontec 1Sngrep Jun 17, 2026 Apr 10, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy...Show more A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the data length. This flaw allows remote attackers to execute arbitrary code or cause a denial of service (DoS) through specially crafted SIP messages. Show less
CVE-2024-25115 - - Jun 17, 2026 Apr 9, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, specially crafted `CF.LOADCHUNK` commands may be used by authenticated users to perform he...Show more RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, specially crafted `CF.LOADCHUNK` commands may be used by authenticated users to perform heap overflow, which may lead to remote code execution. The problem is fixed in RedisBloom 2.4.7 and 2.6.10. Show less
CVE-2023-50821 - - Jun 17, 2026 Apr 9, 2024 6.9 MEDIUM· v4 6.2 MEDIUM· v3 N/A· v2 A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 U...Show more A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition.Show less
CVE-2024-23079 - - Jun 17, 2026 Apr 8, 2024 N/A· v4 6.2 MEDIUM· v3 N/A· v2 JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe...Show more JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.Show less
CVE-2023-52364 1Huawei 2Emui Harmonyos Jun 17, 2026 Apr 8, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write.

Previous 1...939495...212 Next