Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,224)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-45654 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.
CVE-2022-45653 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.
CVE-2022-45652 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function.
CVE-2022-45651 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.
CVE-2022-45650 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.
CVE-2022-45649 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function.
CVE-2022-45648 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function.
CVE-2022-45647 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.
CVE-2022-45646 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function.
CVE-2022-45645 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function.
CVE-2022-45644 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function.
CVE-2022-45643 1Tendacn 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function.
CVE-2022-45641 1Tenda 1Ac6 Firmware Jun 17, 2026 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg.
CVE-2022-4172 2Fedoraproject Qemu 2Fedora Qemu Jun 17, 2026 Nov 29, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to...Show more An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host.Show less
CVE-2022-44283 1Avs4you 1Avs Audio Converter Jun 17, 2026 Nov 28, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 AVS Audio Converter 10.3 is vulnerable to Buffer Overflow.
CVE-2022-39067 1Zte 1Mf286r Firmware Jun 17, 2026 Nov 22, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.
CVE-2022-44183 1Tenda 1Ac18 Firmware Jun 17, 2026 Nov 21, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic.
CVE-2022-44180 1Tenda 1Ac18 Firmware Jun 17, 2026 Nov 21, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter.
CVE-2022-44178 1Tenda 1Ac18 Firmware Jun 17, 2026 Nov 21, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB.
CVE-2022-44177 1Tenda 1Ac18 Firmware Jun 17, 2026 Nov 21, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart.

Previous 1...135136137...212 Next