Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,226)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-47464 1Google 1Android Jun 17, 2026 Apr 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
CVE-2022-47463 1Google 1Android Jun 17, 2026 Apr 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
CVE-2022-47362 1Google 1Android Jun 17, 2026 Apr 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
CVE-2022-47336 1Google 1Android Jun 17, 2026 Apr 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
CVE-2022-47335 1Google 1Android Jun 17, 2026 Apr 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
CVE-2023-26733 1Tinytiff Project 1Tinytiff Jun 17, 2026 Apr 4, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability found in tinyTIFF v.3.0 allows a local attacker to cause a denial of service via the TinyTiffReader_readNextFrame function in tinytiffreader.c file.
CVE-2020-23257 1Espruino 1Espruino Jun 17, 2026 Apr 4, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability found in Espruino 2v05.41 allows an attacker to cause a denial of service via the function jsvGarbageCollectMarkUsed in file src/jsvar.c.
CVE-2020-19695 1F5 1Njs Jun 17, 2026 Apr 4, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function.
CVE-2020-19692 1F5 1Njs Jun 17, 2026 Apr 4, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file.
CVE-2023-0977 1Trellix 1Agent Jun 17, 2026 Apr 3, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unav...Show more A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable. Show less
CVE-2023-25076 1Sniproxy Project 1Sniproxy Jun 17, 2026 Mar 30, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP or TLS packet can le...Show more A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability.Show less
CVE-2023-28508 1Rocketsoftware 2Unidata Universe Jun 17, 2026 Mar 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap a...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap and crash the forked process.Show less
CVE-2023-28506 1Rocketsoftware 2Unidata Universe Jun 17, 2026 Mar 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a m...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login to exploit.Show less
CVE-2023-28505 1Rocketsoftware 2Unidata Universe Jun 17, 2026 Mar 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-pr...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-provided buffer without checking the length. This requires a valid login to exploit.Show less
CVE-2023-28504 1Rocketsoftware 2Unidata Universe Jun 17, 2026 Mar 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the roo...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user.Show less
CVE-2023-28502 1Rocketsoftware 2Unidata Universe Jun 17, 2026 Mar 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote code execution as the root user.Show less
CVE-2022-42431 1Tesla 1Model 3 Firmware Jun 17, 2026 Mar 29, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 This vulnerability allows local attackers to escalate privileges on affected Tesla vehicles. An attacker must first obtain the ability to execute privileged code on the target system in order to exploit this vulnerabilit...Show more This vulnerability allows local attackers to escalate privileges on affected Tesla vehicles. An attacker must first obtain the ability to execute privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the bcmdhd driver. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-17544.Show less
CVE-2022-27643 1Netgear 27D6220 Firmware D6400 FirmwareD7000v2 Firmware+24 more Jun 17, 2026 Mar 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The spe...Show more This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15692.Show less
CVE-2023-26924 1Llvm 1Llvm Jun 17, 2026 Mar 27, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion. NOTE: third parties dispute this because the LLVM security policy excludes "Language front-ends ... for which a malicious input file can cause un...Show more LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion. NOTE: third parties dispute this because the LLVM security policy excludes "Language front-ends ... for which a malicious input file can cause undesirable behavior."Show less
CVE-2023-25664 1Google 1Tensorflow Jun 17, 2026 Mar 25, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.

Previous 1...123124125...212 Next