Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-26319 1Mi 1Xiaomi Router Ax3200 Firmware Jun 17, 2026 Oct 11, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
CVE-2023-26318 1Mi 1Xiaomi Router Ax3200 Firmware Jun 17, 2026 Oct 11, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.
CVE-2023-43896 1Macrium 1Reflect Jun 17, 2026 Oct 10, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code.
CVE-2023-45199 2Arm Trustedfirmware 2Mbed Tls Mbed Tls Jun 17, 2026 Oct 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution.
CVE-2023-43615 3Arm FedoraprojectTrustedfirmware 3Fedora Mbed TlsMbed Tls Jun 17, 2026 Oct 7, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
CVE-2023-3725 1Zephyrproject 1Zephyr Jun 17, 2026 Oct 6, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem
CVE-2023-32972 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Oct 6, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later Show less
CVE-2023-32971 1Qnap 3Qts Quts HeroQutscloud Jun 17, 2026 Oct 6, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via...Show more A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later Show less
CVE-2023-44839 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craf...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44838 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44837 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted inpu...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44836 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted in...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44835 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted in...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44834 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craf...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44833 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafte...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44832 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted in...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44831 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted in...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44830 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafte...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44829 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craf...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less
CVE-2023-44828 1Dlink 1Dir 823g Firmware Jun 17, 2026 Oct 5, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a...Show more D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.Show less

Previous 1...107108109...212 Next