Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-51885 1Ctan 1Mathtex Jun 17, 2026 Jan 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via the length of the LaTeX string component.
CVE-2024-0732 1Pcman Ftp Server Project 1Pcman Ftp Server Jun 17, 2026 Jan 19, 2024 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability was found in PCMan FTP Server 2.0.7 and classified as problematic. This issue affects some unknown processing of the component STOR Command Handler. The manipulation leads to denial of service. The attack...Show more A vulnerability was found in PCMan FTP Server 2.0.7 and classified as problematic. This issue affects some unknown processing of the component STOR Command Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251555.Show less
CVE-2024-0731 1Pcman Ftp Server Project 1Pcman Ftp Server Jun 17, 2026 Jan 19, 2024 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as problematic. This vulnerability affects unknown code of the component PUT Command Handler. The manipulation leads to denial of service. The attac...Show more A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as problematic. This vulnerability affects unknown code of the component PUT Command Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251554 is the identifier assigned to this vulnerability.Show less
CVE-2024-22919 1Swftools 1Swftools Jun 17, 2026 Jan 19, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587.
CVE-2024-22912 1Swftools 1Swftools Jun 17, 2026 Jan 19, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution.
CVE-2023-5130 1Deltaww 1Wplsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 8.8 HIGH· v3 7.3 HIGH· v2 A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution.
CVE-2023-43824 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTitleTextLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by entic...Show more A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTitleTextLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.Show less
CVE-2023-43823 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTTitleLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing...Show more A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTTitleLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.Show less
CVE-2023-43822 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by e...Show more A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. Show less
CVE-2023-43821 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by...Show more A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. Show less
CVE-2023-43820 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability...Show more A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.Show less
CVE-2023-43819 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the InitialMacroLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by ent...Show more A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the InitialMacroLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. Show less
CVE-2023-43818 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remo...Show more A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. Show less
CVE-2023-43817 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wMailContentLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to...Show more A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wMailContentLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. Show less
CVE-2023-43816 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by entici...Show more A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. Show less
CVE-2023-43815 1Deltaww 1Dopsoft Jun 17, 2026 Jan 18, 2024 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file. An anonymous attacker can exploit this vulnerability by e...Show more A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. Show less
CVE-2024-22419 1Vyperlang 1Vyper Jun 17, 2026 Jan 18, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The roo...Show more Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't properly adhere to the API of copy functions (for `>=0.3.2` the `copy_bytes` function). A contract search was performed and no vulnerable contracts were found in production. The buffer overflow can result in the change of semantics of the contract. The overflow is length-dependent and thus it might go unnoticed during contract testing. However, certainly not all usages of concat will result in overwritten valid data as we require it to be in an internal function and close to the return statement where other memory allocations don't occur. This issue has been addressed in 0.4.0.Show less
CVE-2024-0645 1Explorerplusplus 1Explorer++ Jun 17, 2026 Jan 17, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler (SEH) records.
CVE-2023-6334 1Hypr 1Workforce Access Jun 17, 2026 Jan 16, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7.
CVE-2023-52103 1Huawei 2Emui Harmonyos Jun 17, 2026 Jan 16, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read.

Previous 1...99100101...212 Next