CWE-120
4,202 CVEs • Abstraction: Base • Likelihood of Exploit: High
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CVEs (4,202)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Valvesoftware 1Steam Client Jun 17, 2026 Apr 10, 2021 N/A· v4 9.0 CRITICAL· v3 6.0 MEDIUM· v2 Valve Steam before 2021-04-17, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click. |
1Skyworthdigital 1Rn510 Firmware Jun 17, 2026 Apr 9, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead...Show more |
2Clamav Debian2Clamav Debian LinuxJun 17, 2026 Apr 8, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected...Show more |
In RELIC before 2021-04-03, there is a buffer overflow in PKCS#1 v1.5 signature verification because garbage bytes can be present. |
FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution. |
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay...Show more |
SerenityOS 2021-03-27 contains a buffer overflow vulnerability in the EndOfCentralDirectory::read() function. |
SerenityOS fixed as of c9f25bca048443e317f1994ba9b106f2386688c3 contains a buffer overflow vulnerability in LibTextCode through opening a crafted file. |
RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c through the _parse_options() function. |
RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function. |
RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c. |
SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: obtain sensitive information (context-dependent). The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::der_decode_sequence() function....Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, re...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, re...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, rem...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the pri...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The Firmware protocol configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permis...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permiss...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Generate SSL certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the priv...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remot...Show more |