Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,201)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-6192 1Lenovo 1Power Management Driver Jun 17, 2026 Dec 10, 2019 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service.
CVE-2019-11935 1Facebook 1Hhvm Jun 17, 2026 Dec 4, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions betwee...Show more Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.Show less
CVE-2019-9689 1Axtls Project 1Axtls Jun 17, 2026 Dec 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates.
CVE-2019-19383 1Freeftpd 1Freeftpd Jun 17, 2026 Dec 3, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled).
CVE-2019-10013 1Axtls Project 1Axtls Jun 17, 2026 Dec 3, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in...Show more The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in the TLS certificate handshake message, because the result of get_asn1_length() is not checked for a minimum or maximum size.Show less
CVE-2019-7366 1Autodesk 1Fbx Software Development Kit Jun 17, 2026 Dec 3, 2019 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary...Show more Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system.Show less
CVE-2019-12518 1Anviz 1Crosschex Jun 17, 2026 Dec 2, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Anviz CrossChex access control management software 4.3.8.0 and 4.3.12 is vulnerable to a buffer overflow vulnerability.
CVE-2019-19489 1Smplayer 1Smplayer Jun 17, 2026 Dec 2, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 SMPlayer 19.5.0 has a buffer overflow via a long .m3u file.
CVE-2019-5247 1Huawei 2Atlas 300 Firmware Atlas 500 Firmware Jun 17, 2026 Nov 29, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Huawei Atlas 300, Atlas 500 have a buffer overflow vulnerability. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service...Show more Huawei Atlas 300, Atlas 500 have a buffer overflow vulnerability. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service crash.Show less
CVE-2019-5225 1Huawei 3Mate 20 Firmware P30 FirmwareP30 Pro Firmware Jun 17, 2026 Nov 29, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P...Show more P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.Show less
CVE-2019-13566 1Ros 1Ros Comm Jun 17, 2026 Nov 22, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary cod...Show more An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname.Show less
CVE-2014-6310 2Call Cc Debian 2Chicken Debian Linux Nov 21, 2024 Nov 22, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function.
CVE-2012-3407 1Plow Project 1Plow Nov 21, 2024 Nov 22, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 plow has local buffer overflow vulnerability
CVE-2019-10566 1Qualcomm 26Apq8017 Firmware Apq8053 FirmwareApq8096au Firmware+23 more Jun 17, 2026 Nov 21, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapd...Show more Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR2130Show less
CVE-2018-13916 1Qualcomm 55Apq8009 Firmware Apq8017 FirmwareApq8053 Firmware+52 more Nov 21, 2024 Nov 21, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Ele...Show more Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130Show less
CVE-2019-18858 1Codesys 14Control For Beaglebone Control For Empc A/imx6Control For Iot2000+11 more Jun 17, 2026 Nov 20, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.
CVE-2013-7088 3Clamav DebianFedoraproject 3Clamav Debian LinuxFedora Nov 21, 2024 Nov 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 ClamAV before 0.97.7 has buffer overflow in the libclamav component
CVE-2019-0145 2Intel Linux 8Ethernet 700 Series Software Ethernet Controller 710 Bm1 FirmwareEthernet Controller X710 At2 Firmware+5 more Jun 17, 2026 Nov 14, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
CVE-2019-0140 1Intel 7Ethernet 700 Series Software Ethernet Controller 710 Bm1 FirmwareEthernet Controller X710 At2 Firmware+4 more Jun 17, 2026 Nov 14, 2019 N/A· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access.
CVE-2019-11178 1Intel 1Baseboard Management Controller Firmware Jun 17, 2026 Nov 14, 2019 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 Stack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access.

Previous 1...195196197...211 Next