Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,224)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-25708 1Qualcomm 17Sd888 5g Firmware Sd 8 Gen1 5g FirmwareSm7450 Firmware+14 more Jun 17, 2026 Sep 16, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Memory corruption in WLAN due to buffer copy without checking size of input while parsing keys in Snapdragon Connectivity, Snapdragon Mobile
CVE-2022-25688 1Qualcomm 150Apq8009 Firmware Apq8009w FirmwareApq8017 Firmware+147 more Jun 17, 2026 Sep 16, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...Show more Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesShow less
CVE-2022-25686 1Qualcomm 107Apq8017 Firmware Apq8053 FirmwareAqt1000 Firmware+104 more Jun 17, 2026 Sep 16, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Memory corruption in video module due to buffer overflow while processing WAV file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2022-38326 1Tendacn 2Ac15 Firmware Ac18 Firmware Jun 17, 2026 Sep 15, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.
CVE-2022-38325 1Tendacn 2Ac15 Firmware Ac18 Firmware Jun 17, 2026 Sep 15, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile.
CVE-2022-40438 1Axiosys 1Bento4 Jun 17, 2026 Sep 14, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file.
CVE-2022-3077 1Linux 1Linux Kernel Jun 17, 2026 Sep 9, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicious input data. This f...Show more A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicious input data. This flaw could allow a local user to crash the system.Show less
CVE-2022-36280 2Debian Linux 2Debian Linux Linux Kernel Jun 17, 2026 Sep 9, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a lo...Show more An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).Show less
CVE-2022-36588 1Dlink 1Dap 1650 Firmware Jun 17, 2026 Sep 8, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.
CVE-2022-36586 1Tenda 1G3 Firmware Jun 17, 2026 Sep 8, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.
CVE-2021-34236 1Netgear 1R8000 Firmware Jun 17, 2026 Sep 8, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to '/bd_genie_create_account.cgi' with a sufficient...Show more Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to '/bd_genie_create_account.cgi' with a sufficiently long parameter 'register_country'.Show less
CVE-2022-36585 1Tenda 1G3 Firmware Jun 17, 2026 Sep 7, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf.
CVE-2022-36587 1Tenda 1G3 Firmware Jun 17, 2026 Sep 7, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.
CVE-2022-31414 1Dlink 1Dir 1960 Firmware Jun 17, 2026 Sep 7, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-1960 firmware DIR-1960_A1_1.11 was discovered to contain a buffer overflow via srtcat in prog.cgi. This vulnerability allowed attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVE-2022-40112 1Totolink 1A3002r Firmware Jun 17, 2026 Sep 6, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa.
CVE-2022-40110 1Totolink 1A3002r Firmware Jun 17, 2026 Sep 6, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa.
CVE-2022-37842 1Totolink 1A860r Firmware Jun 17, 2026 Sep 6, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In TOTOLINK A860R V4.1.2cu.5182_B20201027, the parameters in infostat.cgi are not filtered, causing a buffer overflow vulnerability.
CVE-2022-37840 1Totolink 1A860r Firmware Jun 17, 2026 Sep 6, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In TOTOLINK A860R V4.1.2cu.5182_B20201027, the main function in downloadfile.cgi has a buffer overflow vulnerability.
CVE-2022-37839 1Totolink 1A860r Firmware Jun 17, 2026 Sep 6, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A860R V4.1.2cu.5182_B20201027 is vulnerable to Buffer Overflow via Cstecgi.cgi.
CVE-2022-36584 1Tenda 1G3 Firmware Jun 17, 2026 Sep 6, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.

Previous 1...139140141...212 Next