← Back
CWE-120

4,227 CVEs • Abstraction: Base • Likelihood of Exploit: High

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

JSON object

Loading...

CVEs (4,227)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-21427
1Freeimage Project
1Freeimage
Jun 17, 2026
Aug 22, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.
CVE-2020-21426
1Freeimage Project
1Freeimage
Jun 17, 2026
Aug 22, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.
CVE-2023-39750
1Dlink
1Dap 2660 Firmware
Jun 17, 2026
Aug 21, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. This vulnerability is exploited via a crafted POST request.
CVE-2023-39749
1Dlink
1Dap 2660 Firmware
Jun 17, 2026
Aug 21, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request.
CVE-2023-39747
1Tp Link
3Tl Wr841n V8 Firmware
Tl Wr940n V2 FirmwareTl Wr941nd V5 Firmware
Jun 17, 2026
Aug 21, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm.
CVE-2023-39745
1Tp Link
3Tl Wr841n V8 Firmware
Tl Wr940n V2 FirmwareTl Wr941nd V5 Firmware
Jun 17, 2026
Aug 21, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows attackers to cause a Denial...Show more
TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.Show less
CVE-2023-39454
1Elecom
3Wrc X1800gs B Firmware
Wrc X1800gsa B FirmwareWrc X1800gsh B Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code.
CVE-2023-39674
1Dlink
1Dir 880l A1 Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets.
CVE-2023-39673
1Tenda
1Ac15 Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34().
CVE-2023-39672
1Tenda
1Wh450a Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Tenda WH450 v1.0.0.18 was discovered to contain a buffer overflow via the function fgets.
CVE-2023-39671
1Dlink
1Dir 880l A1 Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68.
CVE-2023-39670
1Tenda
1Ac6 Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets.
CVE-2023-39668
1Dlink
1Dir 868l Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function.
CVE-2023-39667
1Dlink
1Dir 868l Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function.
CVE-2023-39666
1Dlink
1Dir 842 Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters.
CVE-2023-39665
1Dlink
1Dir 868l Firmware
Jun 17, 2026
Aug 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter.
CVE-2023-4029
1Lenovo
26K14 Type 21cu Firmware
K14 Type 21cv FirmwareThinkpad E14 Gen 3 Firmware+23 more
Jun 17, 2026
Aug 17, 2023
N/A· v4
6.7 MEDIUM· v3
N/A· v2
A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVE-2023-4028
1Lenovo
2913w Yoga Firmware
13w Yoga Gen 2 FirmwareFlex 5 14alc05 Firmware+26 more
Jun 17, 2026
Aug 17, 2023
N/A· v4
6.7 MEDIUM· v3
N/A· v2
A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVE-2023-34419
1Lenovo
30Legion 5 15ach6 Firmware
Legion 5 15ach6a FirmwareLegion 5 15ach6h Firmware+27 more
Jun 17, 2026
Aug 17, 2023
N/A· v4
6.7 MEDIUM· v3
N/A· v2
A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVE-2023-38850
1Msweet
1Codedoc
Jun 17, 2026
Aug 15, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker to cause a denial of service via the codedoc.c:1742 comppnent.