Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-23494 1Apple 2Ipados Iphone Os Jun 17, 2026 May 8, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to cause a denial-of-service.
CVE-2023-22786 1Hp 2Arubaos Instantos Jun 17, 2026 May 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-22785 1Hp 2Arubaos Instantos Jun 17, 2026 May 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-22784 1Hp 2Arubaos Instantos Jun 17, 2026 May 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-22783 1Hp 2Arubaos Instantos Jun 17, 2026 May 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-22782 1Hp 2Arubaos Instantos Jun 17, 2026 May 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-22781 1Hp 2Arubaos Instantos Jun 17, 2026 May 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-22780 1Hp 2Arubaos Instantos Jun 17, 2026 May 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-22779 1Hp 2Arubaos Instantos Jun 17, 2026 May 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-30257 1Fiio 1M6 Firmware Jun 17, 2026 May 8, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build Number v1.0.4 allows attackers to escalate privileges to root.
CVE-2023-29932 1Llvm 1Llvm Jun 17, 2026 May 5, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.
CVE-2023-21504 1Samsung 1Android Jun 17, 2026 May 4, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
CVE-2023-21503 1Samsung 1Android Jun 17, 2026 May 4, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
CVE-2023-21494 1Samsung 1Android Jun 17, 2026 May 4, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
CVE-2023-27892 1Shapeshift 1Keepkey Firmware Jun 17, 2026 May 2, 2023 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal ar...Show more Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With physical access to a PIN-unlocked device, attackers can extract the BIP39 mnemonic secret from the hardware wallet.Show less
CVE-2023-29856 1Dlink 1Dir 868l Firmware Jun 17, 2026 May 2, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary.
CVE-2023-22924 1Zyxel 1Nbg 418n Firmware Jun 17, 2026 May 1, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to cause denial-of-service (DoS) conditions b...Show more A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing crafted CLI commands on a vulnerable device.Show less
CVE-2023-22922 1Zyxel 1Nbg 418n Firmware Jun 17, 2026 May 1, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled o...Show more A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled on a vulnerable device.Show less
CVE-2023-27972 1Hp 46Laserjet Pro M304 M305 W1a46a Firmware Laserjet Pro M304 M305 W1a47a FirmwareLaserjet Pro M304 M305 W1a48a Firmware+43 more Jun 25, 2026 Apr 28, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution.
CVE-2023-27971 1Hp 46Laserjet Pro M304 M305 W1a46a Firmware Laserjet Pro M304 M305 W1a47a FirmwareLaserjet Pro M304 M305 W1a48a Firmware+43 more Jun 25, 2026 Apr 28, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.

Previous 1...121122123...212 Next