Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,225)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-46542 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/addressNat.
CVE-2022-46541 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the ssid parameter at /goform/fast_setting_wifi_set.
CVE-2022-46540 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/addressNat.
CVE-2022-46539 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security_5g parameter at /goform/WifiBasicSet.
CVE-2022-46537 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security parameter at /goform/WifiBasicSet.
CVE-2022-46536 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeedUp parameter at /goform/SetClientState.
CVE-2022-46535 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/SetClientState.
CVE-2022-46534 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the speed_dir parameter at /goform/SetSpeedWan.
CVE-2022-46533 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeed parameter at /goform/SetClientState.
CVE-2022-46532 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /goform/addWifiMacFilter.
CVE-2022-46531 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/addWifiMacFilter.
CVE-2022-46530 1Tenda 1F1203 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mac parameter at /goform/GetParentControlInfo.
CVE-2022-45666 1Tenda 1I22 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.
CVE-2022-45665 1Tenda 1I22 Firmware Jun 17, 2026 Dec 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.
CVE-2019-25078 1Pacparser Project 1Pacparser Jun 17, 2026 Dec 13, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparser_find_proxy of the file src/pacparser.c. The manipulation of the argument url leads to...Show more A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparser_find_proxy of the file src/pacparser.c. The manipulation of the argument url leads to buffer overflow. Attacking locally is a requirement. Upgrading to version 1.4.0 is able to address this issue. The name of the patch is 853e8f45607cb07b877ffd270c63dbcdd5201ad9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215443.Show less
CVE-2022-25712 1Qualcomm 46Aqt1000 Firmware Mdm9150 FirmwareQca6310 Firmware+43 more Jun 17, 2026 Dec 13, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2022-45997 1Tenda 1W20e Firmware Jun 17, 2026 Dec 12, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Tenda W20E V16.01.0.6(3392) is vulnerable to Buffer Overflow.
CVE-2022-37910 1Arubanetworks 2Arubaos Sd Wan Jun 17, 2026 Dec 12, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A buffer overflow vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in a denial of service on the affected system.
CVE-2022-20687 1Cisco 3Ata 190 Firmware Ata 191 FirmwareAta 192 Firmware Jun 17, 2026 Dec 12, 2022 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an...Show more Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. These vulnerabilities are due to missing length validation of certain LLDP packet header fields. An attacker could exploit these vulnerabilities by sending a malicious LLDP packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause LLDP to restart unexpectedly, resulting in a denial of service (DoS) condition.Show less
CVE-2022-23480 2Debian Neutrinolabs 2Debian Linux Xrdp Jun 17, 2026 Dec 9, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() f...Show more xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() function. There are no known workarounds for this issue. Users are advised to upgrade.Show less

Previous 1...133134135...212 Next