Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-49556 1Yasm Project 1Yasm Jun 17, 2026 Jan 3, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term function in the libyasm/expr.c component.
CVE-2023-33113 1Qualcomm 122Ar8035 Firmware Csra6620 FirmwareCsra6640 Firmware+119 more Jun 17, 2026 Jan 2, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
CVE-2023-33085 1Qualcomm 102Ar8035 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+99 more Jun 17, 2026 Jan 2, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in wearables while processing data from AON.
CVE-2023-33030 1Qualcomm 293315 5g Iot Modem Firmware 9205 Lte Modem Firmware9206 Lte Modem Firmware+290 more Jun 17, 2026 Jan 2, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in HLOS while running playready use-case.
CVE-2023-33025 1Qualcomm 24Ar8035 Firmware Fastconnect 6700 FirmwareFastconnect 6900 Firmware+21 more Jun 17, 2026 Jan 2, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call.
CVE-2023-50096 1St 1X Cube Safea1 Jun 17, 2026 Jan 1, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-C...Show more STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications (1.2.0), and thus can affect user-written code that was derived from a published sample application.Show less
CVE-2023-51434 1Hihonor 1Magic Ui Jun 17, 2026 Dec 29, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Some Honor products are affected by buffer overflow vulnerability, successful exploitation could cause code execution.
CVE-2023-47091 1Stormshield 1Stormshield Network Security Jun 17, 2026 Dec 25, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie...Show more An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie threshold, making an IPsec connection impossible.Show less
CVE-2023-51771 1Starnight 1Micro Http Server Jun 17, 2026 Dec 25, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In MicroHttpServer (aka Micro HTTP Server) through a8ab029, _ParseHeader in lib/server.c allows a one-byte recv buffer overflow via a long URI.
CVE-2023-7095 1Totolink 1A7100ru Firmware Jun 17, 2026 Dec 25, 2023 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP...Show more A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248942 is the identifier assigned to this vulnerability.Show less
CVE-2023-48704 1Clickhouse 2Clickhouse Clickhouse Cloud Jun 17, 2026 Dec 22, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could sen...Show more ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of Gorilla codec that crashes the ClickHouse server process. This attack does not require authentication. This issue has been addressed in ClickHouse Cloud version 23.9.2.47551 and ClickHouse versions 23.10.5.20, 23.3.18.15, 23.8.8.20, and 23.9.6.20.Show less
CVE-2023-50986 1Tenda 1I29 Firmware Jun 17, 2026 Dec 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function.
CVE-2023-50628 1Libming 1Libming Jun 17, 2026 Dec 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary code and obtain sensitive information via parser.c component.
CVE-2023-50044 1Cesanta 1Mjs Jun 17, 2026 Dec 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Cesanta MJS 2.20.0 has a getprop_builtin_foreign out-of-bounds read if a Built-in API name occurs in a substring of an input string.
CVE-2023-6711 1Hitachienergy 1Rtu500 Firmware Jun 17, 2026 Dec 19, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and...Show more Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU.Show less
CVE-2023-6906 1Totolink 1A7100ru Firmware Jun 17, 2026 Dec 18, 2023 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handle...Show more A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248268. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-50784 1Unrealircd 1Unrealircd Jun 17, 2026 Dec 16, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execu...Show more A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms.Show less
CVE-2023-50469 1Szlbt 1Lbt T300 T310 Firmware Jun 17, 2026 Dec 15, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi.
CVE-2023-37457 2Digium Sangoma 2Asterisk Certified Asterisk Jun 17, 2026 Dec 14, 2023 N/A· v4 8.2 HIGH· v3 N/A· v2 Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update' functionali...Show more Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space for storing the new value of a header. By doing so this can overwrite memory or cause a crash. This is not externally exploitable, unless dialplan is explicitly written to update a header based on data from an outside source. If the 'update' functionality is not used the vulnerability does not occur. A patch is available at commit a1ca0268254374b515fa5992f01340f7717113fa.Show less
CVE-2023-42801 1Moonlight Stream 8Moonlight Moonlight Common CMoonlight Embedded+5 more Jun 17, 2026 Dec 14, 2023 N/A· v4 7.6 HIGH· v3 N/A· v2 Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit f57bd745b4cbed577ea654fad4701bea4d38b44c. A malicious g...Show more Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit f57bd745b4cbed577ea654fad4701bea4d38b44c. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client. Achieving RCE is possible but unlikely, due to stack canaries in use by modern compiler toolchains. The published binaries for official clients Qt, Android, iOS/tvOS, and Embedded are built with stack canaries, but some unofficial clients may not use stack canaries. This vulnerability takes place after the pairing process, so it requires the client to be tricked into pairing to a malicious host. It is not possible to perform using a man-in-the-middle due to public key pinning that takes place during the pairing process. The bug was addressed in commit b2497a3918a6d79808d9fd0c04734786e70d5954.Show less

Previous 1...101102103...212 Next