Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,220)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-42988 1Eltima 1Usb Network Gate Jun 17, 2026 Dec 7, 2021 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 Eltima USB Network Gate is affected by Buffer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of ser...Show more Eltima USB Network Gate is affected by Buffer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.Show less
CVE-2021-42983 1Nomachine 1Enterprise Client Jun 17, 2026 Dec 7, 2021 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 NoMachine Enterprise Client is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause...Show more NoMachine Enterprise Client is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.Show less
CVE-2021-42980 1Nomachine 1Cloud Server Jun 17, 2026 Dec 7, 2021 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial o...Show more NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.Show less
CVE-2021-42976 1Nomachine 1Enterprise Desktop Jun 17, 2026 Dec 7, 2021 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 NoMachine Enterprise Desktop is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or caus...Show more NoMachine Enterprise Desktop is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.Show less
CVE-2021-42972 1Nomachine 1Server Jun 17, 2026 Dec 7, 2021 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 NoMachine Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (m...Show more NoMachine Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.Show less
CVE-2020-12140 1Contiki Ng 1Contiki Ng. Jun 17, 2026 Dec 7, 2021 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames.
CVE-2021-43042 1Kaseya 1Unitrends Backup Jun 17, 2026 Dec 6, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A buffer overflow existed in the vaultServer component. This was exploitable by a remote unauthenticated attacker.
CVE-2020-36133 1Aomedia 1Aomedia Jun 17, 2026 Dec 2, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h.
CVE-2021-26777 1Circutor 1Compact Dc S Basic Firmware Jun 17, 2026 Dec 2, 2021 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Buffer overflow vulnerability in function SetFirewall in index.cgi in CIRCUTOR COMPACT DC-S BASIC smart metering concentrator Firwmare version CIR_CDC_v1.2.17, allows attackers to execute arbitrary code.
CVE-2021-20852 1Elecom 2Wrh 733gbk Firmware Wrh 733gwh Firmware Jun 17, 2026 Dec 1, 2021 N/A· v4 6.8 MEDIUM· v3 5.2 MEDIUM· v2 Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute an arbit...Show more Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors.Show less
CVE-2021-44429 1Vercot 1Serva Jun 17, 2026 Nov 29, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Serva 4.4.0 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1, a related issue to CVE-2013-0145.
CVE-2021-44428 1Ipuptime 1Pinkie Jun 17, 2026 Nov 29, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1.
CVE-2021-34423 1Zoom 26Android Meeting Sdk Android Video SdkControllers For Zoom Rooms+23 more Jun 17, 2026 Nov 24, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version...Show more A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3, Zoom VDI Windows Meeting Client before version 5.8.4, Zoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64) before version 5.8.4.21112, Zoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom Meeting SDK for Android before version 5.7.6.1922, Zoom Meeting SDK for iOS before version 5.7.6.1082, Zoom Meeting SDK for macOS before version 5.7.6.1340, Zoom Meeting SDK for Windows before version 5.7.6.1081, Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2, Zoom On-Premise Meeting Connector Controller before version 4.8.12.20211115, Zoom On-Premise Meeting Connector MMR before version 4.8.12.20211115, Zoom On-Premise Recording Connector before version 5.1.0.65.20211116, Zoom On-Premise Virtual Room Connector before version 4.4.7266.20211117, Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117, Zoom Hybrid Zproxy before version 1.0.1058.20211116, and Zoom Hybrid MMR before version 4.6.20211116.131_x86-64. This can potentially allow a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code.Show less
CVE-2021-42785 1Tightvnc 1Tightvnc Jun 17, 2026 Nov 23, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server.
CVE-2021-36333 1Dell 1Emc Cloud Link Jun 17, 2026 Nov 23, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash.
CVE-2021-39926 3Debian FedoraprojectWireshark 3Debian Linux FedoraWireshark Jun 17, 2026 Nov 19, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file
CVE-2021-39925 3Debian FedoraprojectWireshark 3Debian Linux FedoraWireshark Jun 17, 2026 Nov 19, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVE-2021-39922 3Debian FedoraprojectWireshark 3Debian Linux FedoraWireshark Jun 17, 2026 Nov 19, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVE-2021-42731 1Adobe 1Indesign Jun 17, 2026 Nov 16, 2021 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code ex...Show more Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2021-3790 1Binatoneglobal 21Cn28 Firmware Cn40 FirmwareCn50 Firmware+18 more Jun 17, 2026 Nov 12, 2021 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the d...Show more A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device.Show less

Previous 1...156157158...211 Next