CWE-120
4,202 CVEs • Abstraction: Base • Likelihood of Exploit: High
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CVEs (4,202)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Remote image configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the pri...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Remote video storage function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileg...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote att...Show more |
1Asus 44Asmb9 Ikvm Firmware E700 G4 FirmwareEsc4000 Dhd G4 Firmware+41 moreJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the priv...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the pri...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privilege...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the pr...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the pr...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permiss...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the priv...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission,...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the pri...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privil...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the pr...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote a...Show more |
1Asus 3Asmb8 Ikvm Firmware Z10pe D16 Ws FirmwareZ10pr D16 FirmwareJun 17, 2026 Apr 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remot...Show more |