CWE-120
4,202 CVEs • Abstraction: Base • Likelihood of Exploit: High
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CVEs (4,202)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 1.5.1-628 leads to a denial of service (DOS). |
2Debian Exiv22Debian Linux Exiv2Jun 17, 2026 Jul 13, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS). |
3Debian FedoraprojectPython3Debian Linux FedoraPillowJun 17, 2026 Jul 13, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c. |
Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service. |
Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service. |
Buffer overflow vulnerability in function jsvGetStringChars in Espruino before RELEASE_2V09, allows remote attackers to execute arbitrary code. |
Buffer Overflow vulnerability in quickjs.c in QuickJS, allows remote attackers to cause denial of service. This issue is resolved in the 2020-07-05 release. |
Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code. |
1Siemens 52Ruggedcom Ros I800 Ruggedcom Ros I801Ruggedcom Ros I802+49 moreJun 17, 2026 Jul 13, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.7), RUGGEDCOM i801 (All versions < V4.3.7), RUGGEDCOM i802 (All versions < V4.3.7), RUGGEDCOM i803 (All versions < V4.3.7), RUGGEDCOM M2100 (All...Show more |
1Siemens 4Simatic Pcs Firmware Simatic Pdm FirmwareSimatic Step 7 Firmware+1 moreJun 17, 2026 Jul 13, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SI...Show more |
1Qualcomm 126Aqt1000 Firmware Ar9380 FirmwareCsr8811 Firmware+123 moreJun 17, 2026 Jul 13, 2021 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networkin...Show more |
1Qualcomm 121Aqt1000 Firmware Ar8031 FirmwareAr8035 Firmware+118 moreJun 17, 2026 Jul 13, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT...Show more |
1Qualcomm 84Apq8053 Firmware Csrb31024 FirmwareMsm8953 Firmware+81 moreJun 17, 2026 Jul 13, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile |
1Qualcomm 158Apq8017 Firmware Apq8037 FirmwareApq8053 Firmware+155 moreJun 17, 2026 Jul 13, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...Show more |
Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflo...Show more |
An issue was discovered in ACRN before 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer overflow. |
1Weidmueller 8Ie Wl Bl Ap Cl Eu Firmware Ie Wl Bl Ap Cl Us FirmwareIe Wl Vl Ap Br Cl Eu Firmware+5 moreJun 17, 2026 Jun 25, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality. A specially crafted user name entry can cause an o...Show more |
1Ibm 1Security Verify Privilege Manager Jun 17, 2026 Jun 25, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the...Show more |
Miniaudio 0.10.35 has an integer-based buffer overflow caused by an out-of-bounds left shift in drwav_bytes_to_u32 in miniaudio.h |
1Helpu 4Helpuftclient HelpuftserverHelpuserver+1 moreJun 17, 2026 Jun 24, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating...Show more |