Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-45035 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Feb 2, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later Show less
CVE-2023-41292 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Feb 2, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later Show less
CVE-2023-41280 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Feb 2, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later Show less
CVE-2023-41279 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Feb 2, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later Show less
CVE-2023-41278 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Feb 2, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later Show less
CVE-2023-41277 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Feb 2, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later Show less
CVE-2023-41276 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Feb 2, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later Show less
CVE-2023-41275 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Feb 2, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later Show less
CVE-2023-41273 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Feb 2, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We h...Show more A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later Show less
CVE-2024-0338 1Apachefriends 1Xampp Jun 17, 2026 Feb 2, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier. An attacker could execute arbitrary code through a long file debug argument that controls the Structured Exception Handler (SEH...Show more A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier. An attacker could execute arbitrary code through a long file debug argument that controls the Structured Exception Handler (SEH).Show less
CVE-2024-24736 1Ypopsemail 1Ypops! Jun 17, 2026 Jan 29, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 The POP3 service in YahooPOPs (aka YPOPs!) 1.6 allows a remote denial of service (reboot) via a long string to TCP port 110, a related issue to CVE-2004-1558.
CVE-2024-23621 1Ibm 1Merge Efilm Workstation Jun 17, 2026 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution.
CVE-2024-23617 1Broadcom 1Symantec Data Center Security Server Jun 17, 2026 Jan 26, 2024 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achiev...Show more A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution. Show less
CVE-2024-23616 1Broadcom 1Symantec Server Management Suite Jun 17, 2026 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.
CVE-2024-23615 1Broadcom 1Symantec Messaging Gateway Jun 17, 2026 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
CVE-2024-23614 1Broadcom 1Symantec Messaging Gateway Jun 17, 2026 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 9.4 HIGH· v2 A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
CVE-2024-23613 1Broadcom 1Symantec Deployment Solutions Jun 17, 2026 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 9.3 HIGH· v2 A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTE...Show more A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. Show less
CVE-2024-22749 1Gpac 1Gpac Jun 17, 2026 Jan 25, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the isomedia/isom_write.c:4577
CVE-2023-51888 1Ctan 1Mathtex Jun 17, 2026 Jan 24, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in the nomath() function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL.
CVE-2023-51886 1Ctan 1Mathtex Jun 17, 2026 Jan 24, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in the main() function in Mathtex 1.05 and before allows a remote attacker to cause a denial of service when using \convertpath.

Previous 1...9899100...212 Next