Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-25435 1Libtiff 1Libtiff Jun 17, 2026 Jun 21, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753.
CVE-2023-0970 1Silabs 1Z/ip Gateway Sdk Jun 17, 2026 Jun 21, 2023 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially exe...Show more Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code.Show less
CVE-2023-34563 1Netgear 1R6250 Firmware Jun 17, 2026 Jun 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication.
CVE-2020-20703 1Vim 1Vim Jun 17, 2026 Jun 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter.
CVE-2022-48501 1Huawei 1Emui Jun 17, 2026 Jun 19, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48497 1Huawei 1Emui Jun 17, 2026 Jun 19, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48490 1Huawei 1Emui Jun 17, 2026 Jun 19, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2023-35856 1Nintendo 1Mario Kart Wii Jun 17, 2026 Jun 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow in Nintendo Mario Kart Wii RMCP01, RMCE01, RMCJ01, and RMCK01 can be exploited by a game client to execute arbitrary code on a client's machine via a crafted packet.
CVE-2023-35855 1Valvesoftware 1Counter Strike Jun 17, 2026 Jun 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow in Counter-Strike through 8684 allows a game server to execute arbitrary code on a remote client's machine by modifying the lservercfgfile console variable.
CVE-2023-34832 1Tp Link 1Archer Ax10 Firmware Jun 17, 2026 Jun 16, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4.
CVE-2023-2686 1Silabs 1Gecko Software Development Kit Jun 17, 2026 Jun 15, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the stack.
CVE-2023-21143 1Google 1Android Jun 17, 2026 Jun 15, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. Us...Show more In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-268193777Show less
CVE-2023-21136 1Google 1Android Jun 17, 2026 Jun 15, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. Use...Show more In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-246542285Show less
CVE-2023-21135 1Google 1Android Jun 17, 2026 Jun 15, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional executio...Show more In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260570119Show less
CVE-2023-1329 1Hp 957 Laserjet Managed Mfp E62665 3gy14a Firmware Laserjet Managed Mfp E62665 3gy15a Firmware Laserjet Managed Mfp E62665 3gy16a Firmware+954 more Jun 17, 2026 Jun 14, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potent...Show more A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products.Show less
CVE-2023-25434 1Libtiff 1Libtiff Jun 17, 2026 Jun 14, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
CVE-2022-28550 1Jhead Project 1Jhead Jun 17, 2026 Jun 13, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the st...Show more Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when multiple `&i` or `&o` are given.Show less
CVE-2023-34115 1Zoom 1Meeting Sdk Jun 17, 2026 Jun 13, 2023 N/A· v4 3.8 LOW· v3 N/A· v2 Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to...Show more Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to crash and need to be restarted.Show less
CVE-2023-32674 1Hp 1Pc Hardware Diagnostics Jun 17, 2026 Jun 12, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer overflow.
CVE-2023-34336 1Ami 1Megarac Sp X Jun 17, 2026 Jun 12, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges....Show more AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges. Show less

Previous 1...117118119...212 Next