CWE-120
4,202 CVEs • Abstraction: Base • Likelihood of Exploit: High
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CVEs (4,202)
| CVE (description) | Vendors | Products | Updated | Published | CVSS |
|---|---|---|---|---|---|
| An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLocalMemcpy, which fai... | | | | | |
| An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, whe... | 2: Contiki Ng, Contiki Os | 2: Contiki, Contiki Ng. | Jun 17, 2026 | Dec 11, 2020 | v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH |
| There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (821... | 1: Arubanetworks | 2: Arubaos, Sd Wan | Jun 17, 2026 | Dec 11, 2020 | v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH |
| A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack. | | | | | |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary... | 1: Apple | 4: Ipad Os, Iphone Os, Macos, +1 more | Jun 17, 2026 | Dec 8, 2020 | v4 N/A · v3 7.8 HIGH · v2 6.8 MEDIUM |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 7.0, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0... | 1: Apple | 5: Ipados, Iphone Os, Mac Os X, +2 more | Jun 17, 2026 | Dec 8, 2020 | v4 N/A · v3 7.8 HIGH · v2 6.8 MEDIUM |
| A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application ava... | 3: Debian, Fedoraproject, Libpng | 4: Debian Linux, Extra Packages For Enterprise Linux, Fedora, +1 more | Jun 17, 2026 | Dec 8, 2020 | v4 N/A · v3 3.3 LOW · v2 4.3 MEDIUM |
| There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker shou... | 1: Huawei | 13: Hima L29c Firmware, Honor 20 Pro Firmware, Laya Al00ep Firmware, +10 more | Jun 17, 2026 | Dec 7, 2020 | v4 N/A · v3 7.8 HIGH · v2 6.8 MEDIUM |
| Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffe... | 1: Valvesoftware | 1: Game Networking Sockets | Jun 17, 2026 | Dec 3, 2020 | v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH |
| Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages in function AES_GCM_DecryptContext::Decrypt() when compiled using libsodium, leading to a Stack-Based Buffer Overflow and... | 1: Valvesoftware | 1: Game Networking Sockets | Jun 17, 2026 | Dec 2, 2020 | v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH |
| HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Notes or execute attacker-controlled code on the client... | | | | | |
| HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-controlled code on the serve... | | | | | |
| ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer o... | 2: Debian, Readymedia Project | 2: Debian Linux, Readymedia | Jun 17, 2026 | Nov 30, 2020 | v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH |
| Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | 2: Debian, Schedmd | 2: Debian Linux, Slurm | Jun 17, 2026 | Nov 27, 2020 | v4 N/A · v3 9.8 CRITICAL · v2 6.8 MEDIUM |
| Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to cause a denial of service or possibly have other unspecified impact via a long file name. | | | | | |
| The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09). | | | | | |
| Buffer overflow in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, W... | 1: Tp Link | 15: Wdr7400 Firmware, Wdr7500 Firmware, Wdr7660 Firmware, +12 more | Jun 17, 2026 | Nov 20, 2020 | v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH |
| A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in PLC Simulator on EcoStruxure™ Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC si... | 1: Schneider Electric | 1: Ecostruxure Control Expert | Jun 17, 2026 | Nov 19, 2020 | v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code o... | | | | | |
| httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fi... | | | | | |