Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,223)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-23203 1Adobe 1Photoshop Jun 17, 2026 Feb 16, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the co...Show more Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Photoshop.Show less
CVE-2022-23188 1Adobe 1Illustrator Jun 17, 2026 Feb 16, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted malicious file, potentially resulting in arbitrary code execu...Show more Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted malicious file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted malicious file in Illustrator.Show less
CVE-2022-24705 1Accel Ppp 1Accel Ppp Jun 17, 2026 Feb 14, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the serve...Show more The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.Show less
CVE-2022-24704 1Accel Ppp 1Accel Ppp Jun 17, 2026 Feb 14, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the cl...Show more The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to the server and sends a large radius packet, a buffer overflow vulnerability will be triggered.Show less
CVE-2022-23431 1Google 1Android Jun 17, 2026 Feb 11, 2022 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
CVE-2022-23428 1Google 1Android Jun 17, 2026 Feb 11, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
CVE-2021-22824 1Schneider Electric 1Interactive Graphical Scada System Data Collector Jun 17, 2026 Feb 11, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Aff...Show more A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)Show less
CVE-2021-22802 1Schneider Electric 1Interactive Graphical Scada System Data Collector Jun 17, 2026 Feb 11, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the netwo...Show more A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)Show less
CVE-2021-30324 1Qualcomm 151Apq8096au Firmware Ar8031 FirmwareAr8035 Firmware+148 more Jun 17, 2026 Feb 11, 2022 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial...Show more Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and NetworkingShow less
CVE-2021-30323 1Qualcomm 101Apq8009w Firmware Apq8017 FirmwareApq8053 Firmware+98 more Jun 17, 2026 Feb 11, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...Show more Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesShow less
CVE-2021-30318 1Qualcomm 137Apq8009w Firmware Apq8017 FirmwareApq8096au Firmware+134 more Jun 17, 2026 Feb 11, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Vo...Show more Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon WearablesShow less
CVE-2021-30309 1Qualcomm 43Mdm9650 Firmware Qca6174a FirmwareQca6390 Firmware+40 more Jun 17, 2026 Feb 11, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2022-24313 1Schneider Electric 1Interactive Graphical Scada System Data Server Jun 17, 2026 Feb 9, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. A...Show more A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)Show less
CVE-2021-0115 2Intel Netapp 681Atom C3308 Atom C3336Atom C3338+678 more Jun 17, 2026 Feb 9, 2022 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2021-44957 1Rockcarry 1Ffjpeg Jun 17, 2026 Feb 8, 2022 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a cr...Show more Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file.Show less
CVE-2021-44864 1Tp Link 1Wn886n Firmware Jun 17, 2026 Feb 8, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter.
CVE-2021-38172 1Debian 1Perm Jun 17, 2026 Feb 5, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 perM 0.4.0 has a Buffer Overflow related to strncpy. (Debian initially fixed this in 0.4.0-7.)
CVE-2022-22725 1Schneider Electric 1Easergy P3 Firmware Jun 17, 2026 Feb 4, 2022 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device o...Show more A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P3 (All versions prior to V30.205)Show less
CVE-2022-22723 1Schneider Electric 1Easergy P5 Firmware Jun 17, 2026 Feb 4, 2022 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device o...Show more A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)Show less
CVE-2021-29219 1Hpe 7Flexnetwork 5130 Jg932a Firmware Flexnetwork 5130 Jg933a FirmwareFlexnetwork 5130 Jg934a Firmware+4 more Jun 17, 2026 Feb 4, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A potential local buffer overflow vulnerability has been identified in HPE FlexNetwork 5130 EL Switch Series version: Prior to 5130_EI_7.10.R3507P02. HPE has made the following software update to resolve the vulnerabilit...Show more A potential local buffer overflow vulnerability has been identified in HPE FlexNetwork 5130 EL Switch Series version: Prior to 5130_EI_7.10.R3507P02. HPE has made the following software update to resolve the vulnerability in HPE FlexNetwork 5130 EL Switch Series version 5130_EL_7.10.R3507P02.Show less

Previous 1...152153154...212 Next