Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-47217 1Openatom 1Openharmony Jun 17, 2026 Nov 20, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow.
CVE-2023-47471 1Struktur 1Libde265 Jun 17, 2026 Nov 16, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component.
CVE-2023-47347 1Free5gc 1Free5gc Jun 17, 2026 Nov 15, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes.
CVE-2023-47345 1Free5gc 1Free5gc Jun 17, 2026 Nov 15, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero.
CVE-2023-45616 2Arubanetworks Hp 2Arubaos Instantos Jun 17, 2026 Nov 14, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point m...Show more There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Show less
CVE-2023-45615 2Arubanetworks Hp 2Arubaos Instantos Jun 17, 2026 Nov 14, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management...Show more There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Show less
CVE-2023-45614 2Arubanetworks Hp 2Arubaos Instantos Jun 17, 2026 Nov 14, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management...Show more There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Show less
CVE-2023-39206 1Zoom 5Meetings RoomsVideo Software Development Kit+2 more Jun 17, 2026 Nov 14, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
CVE-2023-39204 1Zoom 5Meetings RoomsVideo Software Development Kit+2 more Jun 17, 2026 Nov 14, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
CVE-2023-29177 1Fortinet 2Fortiadc Fortiddos F Jun 17, 2026 Nov 14, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attack...Show more Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests.Show less
CVE-2023-28741 1Intel 2Quickassist Technology Quickassist Technology Library Jun 17, 2026 Nov 14, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-43504 1Siemens 1Comos Jun 17, 2026 Nov 14, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer...Show more A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition.Show less
CVE-2023-47346 1Free5gc 3Free5gc SmfUpf Jun 17, 2026 Nov 13, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages.
CVE-2023-47625 1Dronecode 1Px4 Drone Autopilot Jun 17, 2026 Nov 13, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 PX4 autopilot is a flight control solution for drones. In affected versions a global buffer overflow vulnerability exists in the CrsfParser_TryParseCrsfPacket function in /src/drivers/rc/crsf_rc/CrsfParser.cpp:298 due to...Show more PX4 autopilot is a flight control solution for drones. In affected versions a global buffer overflow vulnerability exists in the CrsfParser_TryParseCrsfPacket function in /src/drivers/rc/crsf_rc/CrsfParser.cpp:298 due to the invalid size check. A malicious user may create an RC packet remotely and that packet goes into the device where the _rcs_buf reads. The global buffer overflow vulnerability will be triggered and the drone can behave unexpectedly. This issue has been addressed in version 1.14.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.Show less
CVE-2023-47610 1Telit 10Bgs5 Firmware Ehs5 FirmwareEhs6 Firmware+7 more Jun 17, 2026 Nov 9, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a spec...Show more A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message.Show less
CVE-2023-43581 1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 more Jun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.
CVE-2023-43580 1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 more Jun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.
CVE-2023-43579 1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 more Jun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.
CVE-2023-43578 1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 more Jun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.
CVE-2023-43577 1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 more Jun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

Previous 1...104105106...212 Next