Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,201)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-10556 1Qualcomm 31Apq8009 Firmware Apq8053 FirmwareApq8096au Firmware+28 more Jun 17, 2026 Apr 16, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Missing length check before copying the data from kernel space to userspace through the copy function can lead to buffer overflow in some cases in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Conn...Show more Missing length check before copying the data from kernel space to userspace through the copy function can lead to buffer overflow in some cases in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8909W, MSM8917, MSM8953, Nicobar, QCN7605, QCS405, QCS605, QM215, Rennell, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130Show less
CVE-2019-20657 1Netgear 15D6200 Firmware D7000 FirmwareJr6150 Firmware+12 more Jun 17, 2026 Apr 15, 2020 N/A· v4 8.0 HIGH· v3 6.5 MEDIUM· v2 Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050...Show more Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050 before 1.0.1.24, JR6150 before 1.0.1.24, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6230 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, and WNR2020 before 1.1.0.62.Show less
CVE-2020-10639 1Eaton 1Hmisoft Vu3 Firmware Jun 17, 2026 Apr 15, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could cause a buffer overflow when loaded by the af...Show more Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could cause a buffer overflow when loaded by the affected product.Show less
CVE-2020-0576 1Intel 1Compute Module Mfs2600ki Firmware Jun 17, 2026 Apr 15, 2020 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 Buffer overflow in Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2020-2944 1Oracle 1Solaris Jun 17, 2026 Apr 15, 2020 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker w...Show more Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).Show less
CVE-2020-7261 1Mcafee 1Endpoint Security Jun 17, 2026 Apr 15, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted use...Show more Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.Show less
CVE-2015-5524 1Google 1Android Nov 21, 2024 Apr 10, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is...Show more An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 (December 2015).Show less
CVE-2020-9499 1Dahuasecurity 19Ipc Hx2xxx Firmware Ipc Hx5842h FirmwareIpc Hx7842h Firmware+16 more Jun 17, 2026 Apr 9, 2020 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends a specific DDNS test command, which may cause the device to go down.
CVE-2020-10814 1Codeblocks 1Code\ Jun 17, 2026 Apr 8, 2020 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A buffer overflow vulnerability in Code::Blocks 17.12 allows an attacker to execute arbitrary code via a crafted project file.
CVE-2018-21066 1Google 1Android Nov 21, 2024 Apr 8, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered on Samsung mobile devices with M(6.0) (Exynos or MediaTek chipsets) software. There is a buffer overflow in a Trustlet that can cause memory corruption. The Samsung ID is SVE-2018-11599 (July 2018...Show more An issue was discovered on Samsung mobile devices with M(6.0) (Exynos or MediaTek chipsets) software. There is a buffer overflow in a Trustlet that can cause memory corruption. The Samsung ID is SVE-2018-11599 (July 2018).Show less
CVE-2018-21064 1Google 1Android Nov 21, 2024 Apr 8, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is an array overflow in a driver's input booster. The Samsung ID is SVE-2017-11816 (August 2018).
CVE-2018-21050 1Google 1Android Nov 21, 2024 Apr 8, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-128...Show more An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12852 (October 2018).Show less
CVE-2018-21044 1Google 1Android Nov 21, 2024 Apr 8, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) software. The sem Trustlet has a buffer overflow that leads to arbitrary TEE code execution. The Samsung IDs are SVE-2018-13230, SVE-2018-13231, SV...Show more An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) software. The sem Trustlet has a buffer overflow that leads to arbitrary TEE code execution. The Samsung IDs are SVE-2018-13230, SVE-2018-13231, SVE-2018-13232, SVE-2018-13233 (December 2018).Show less
CVE-2018-21090 1Google 1Android Nov 21, 2024 Apr 8, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered on Samsung mobile devices with software through 2017-11-03 (S.LSI modem chipsets). The Exynos modem chipset has a baseband buffer overflow. The Samsung ID is SVE-2017-10745 (January 2018).
CVE-2017-18691 1Google 1Android Nov 21, 2024 Apr 7, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos8890 chipsets) software. There are multiple Buffer Overflows in TSP sysfs cmd_store. The Samsung ID is SVE-2016-7500 (January 2017).
CVE-2017-18690 1Google 1Android Nov 21, 2024 Apr 7, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Sams...Show more An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017).Show less
CVE-2017-18681 1Samsung 1Galaxy S5 Firmware Nov 21, 2024 Apr 7, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). There are multiple buffer overflows in the bootloader. The Samsung ID is SVE-2016-7930 (March 2017).
CVE-2017-18661 1Google 1Android Nov 21, 2024 Apr 7, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in process_cipher_tdea. The Samsung ID is SVE-2017-8973 (July 2017).
CVE-2017-18660 1Google 1Android Nov 21, 2024 Apr 7, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in tlc_server. The Samsung ID is SVE-2017-8888 (July 2017).
CVE-2020-5734 1Solarwinds 1Dameware Jun 17, 2026 Apr 7, 2020 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 Classic buffer overflow in SolarWinds Dameware allows a remote, unauthenticated attacker to cause a denial of service by sending a large 'SigPubkeyLen' during ECDH key exchange.

Previous 1...187188189...211 Next