Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-10005 1Easyftp Server Project 1Easyftp Server Nov 21, 2024 Jan 16, 2024 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch t...Show more A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250716.Show less
CVE-2022-48620 1Troglobit 1Libeuv Jun 17, 2026 Jan 12, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 uev (aka libuev) before 2.4.1 has a buffer overflow in epoll_wait if maxevents is a large number.
CVE-2023-40250 1Hancom 1Hcell Jun 17, 2026 Jan 12, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Hancom HCell on Windows allows Overflow Buffers.This issue affects HCell: 12.0.0.893.
CVE-2023-32401 1Apple 1Macos Jun 17, 2026 Jan 10, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Parsing an office document may lead to an unexpected app termination...Show more A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Parsing an office document may lead to an unexpected app termination or arbitrary code execution.Show less
CVE-2023-47995 1Freeimage Project 1Freeimage Jun 17, 2026 Jan 9, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.
CVE-2023-7222 1Totolink 1X2000r Firmware Jun 17, 2026 Jan 9, 2024 N/A· v4 9.8 CRITICAL· v3 8.3 HIGH· v2 A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. T...Show more A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249856. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0213 1Trellix 1Agent Jun 17, 2026 Jan 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the T...Show more A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the disabling of event reporting to ePO, caused by failure to validate input from the file correctly. Show less
CVE-2023-7221 1Totolink 1T6 Firmware Jun 17, 2026 Jan 9, 2024 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler...Show more A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249855. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-38583 1Tonybybell 1Gtkwave Jun 17, 2026 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open...Show more A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.Show less
CVE-2023-7208 1Totolink 1X2000r Firmware Jun 17, 2026 Jan 7, 2024 N/A· v4 9.8 CRITICAL· v3 7.7 HIGH· v2 A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-2497...Show more A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-45044 1Qnap 2Qts Quts Hero Jun 17, 2026 Jan 5, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later Show less
CVE-2023-45043 1Qnap 2Qts Quts Hero Jun 17, 2026 Jan 5, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later Show less
CVE-2023-45042 1Qnap 2Qts Quts Hero Jun 17, 2026 Jan 5, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later Show less
CVE-2023-45041 1Qnap 2Qts Quts Hero Jun 17, 2026 Jan 5, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later Show less
CVE-2023-45040 1Qnap 2Qts Quts Hero Jun 17, 2026 Jan 5, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later Show less
CVE-2023-45039 1Qnap 2Qts Quts Hero Jun 17, 2026 Jan 5, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later Show less
CVE-2023-50991 1Tenda 1I29 Firmware Jun 17, 2026 Jan 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2, allows remote attackers to cause a denial of service (DoS) via the pingIp parameter in the pingSet function.
CVE-2023-52309 1Paddlepaddle 1Paddlepaddle Jun 17, 2026 Jan 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
CVE-2023-52307 1Paddlepaddle 1Paddlepaddle Jun 17, 2026 Jan 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
CVE-2023-52304 1Paddlepaddle 1Paddlepaddle Jun 17, 2026 Jan 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

Previous 1...100101102...212 Next