CWE-120
4,227 CVEs • Abstraction: Base • Likelihood of Exploit: High
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CVEs (4,227)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 moreJun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 moreJun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 moreJun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 moreJun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
1Lenovo 1Ideapad Duet 3 10igl5 Firmware Jun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that may allow a local attacker with elevated privileges to execute arbitrary code. |
1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 moreJun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 moreJun 17, 2026 Nov 8, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512. |
1Samsung 16Exynos 1080 Firmware Exynos 1280 FirmwareExynos 1330 Firmware+13 moreJun 17, 2026 Nov 8, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Aut...Show more |
Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data. |
1Qualcomm 151Apq5053 Aa Firmware Aqt1000 FirmwareAr8035 Firmware+148 moreJun 17, 2026 Nov 7, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory Corruption in Audio while invoking callback function in driver from ADSP. |
1Qualcomm 128Ar8035 Firmware Csr8811 FirmwareImmersive Home 214 Platform Firmware+125 moreJun 17, 2026 Nov 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. |
1Qualcomm 164Apq5053 Aa Firmware Apq8009 FirmwareApq8017 Firmware+161 moreJun 17, 2026 Nov 7, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. |
1Qualcomm 83Aqt1000 Firmware Ar8035 FirmwareFastconnect 6200 Firmware+80 moreJun 17, 2026 Nov 7, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while processing audio effects. |
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified v...Show more |
Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication. |
2Redhat Squid Cache10Enterprise Linux Enterprise Linux EusEnterprise Linux For Arm 64+7 moreJun 17, 2026 Nov 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication...Show more |
Buffer Overflow vulnerability in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_subimage_data function. |
2Libtiff Redhat2Enterprise Linux LibtiffJun 17, 2026 Nov 2, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file. |
1Moxa 8Edr 810 2gsfp T Firmware Edr 810 2gsfp FirmwareEdr 810 Vpn 2gsfp T Firmware+5 moreJun 17, 2026 Nov 1, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, p...Show more |