CWE-120
4,201 CVEs • Abstraction: Base • Likelihood of Exploit: High
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CVEs (4,201)
| CVE | VENDORS | PRODUCTS | UPDATED | PUBLISHED | CVSS | DESCRIPTION |
|---|---|---|---|---|---|---|
| | 4: Debian, Opensuse, Redhat, +1 more | 4: Debian Linux, Enterprise Linux, Opensuse, +1 more | Nov 21, 2024 | Nov 14, 2019 | N/A (v4) · 7.8 HIGH (v3) · 4.6 MEDIUM (v2) | The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. |
| | 1: Western Digital | 1: My Cloud Ex2 Ultra Firmware | Jun 17, 2026 | Nov 13, 2019 | N/A (v4) · 8.8 HIGH (v3) · 9.0 HIGH (v2) | Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters. |
| | 1: Ti | 3: Cc256xb Bt Sp Firmware, Cc256xc Bt Sp Firmware, Wl18xx Bt Sp Firmware | Jun 17, 2026 | Nov 13, 2019 | N/A (v4) · 8.8 HIGH (v3) · 5.8 MEDIUM (v2) | Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause... |
| | 2: Debian, Gnu | 2: Debian Linux, Fribidi | Jun 17, 2026 | Nov 13, 2019 | N/A (v4) · 7.8 HIGH (v3) · 6.8 MEDIUM (v2) | A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering... |
| | 2: Debian, Ettercap Project | 2: Debian Linux, Ettercap | Nov 21, 2024 | Nov 12, 2019 | N/A (v4) · 8.8 HIGH (v3) · 6.8 MEDIUM (v2) | An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack. |
| | 1: Qualcomm | 13: Mdm9607 Firmware, Msm8909w Firmware, Qualcomm 215 Firmware, +10 more | Jun 17, 2026 | Nov 6, 2019 | N/A (v4) · 9.8 CRITICAL (v3) · 10.0 HIGH (v2) | Incorrect reading of system image resulting in buffer overflow when size of system image is increased in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205,... |
| | 1: Qualcomm | 42: Mdm9206 Firmware, Mdm9607 Firmware, Msm8909w Firmware, +39 more | Jun 17, 2026 | Nov 6, 2019 | N/A (v4) · 9.8 CRITICAL (v3) · 7.5 HIGH (v2) | While playing the clip which is nonstandard buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdrago... |
| | 1: Qualcomm | 36: Msm8909w Firmware, Msm8996au Firmware, Qcs605 Firmware, +33 more | Jun 17, 2026 | Nov 6, 2019 | N/A (v4) · 7.8 HIGH (v3) · 4.6 MEDIUM (v2) | Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Ind... |
| | 1: Qualcomm | 47: Ipq4019 Firmware, Ipq8064 Firmware, Ipq8074 Firmware, +44 more | Jun 17, 2026 | Nov 6, 2019 | N/A (v4) · 7.8 HIGH (v3) · 4.6 MEDIUM (v2) | ADSP can be compromised since it`s a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon... |
| | | | | | | termpkg 3.3 suffers from buffer overflow. |
| | | | | | | Multiple buffer overflows in the (1) R5RS char-ready, (2) tcp-accept-ready, and (3) file-select procedures in Chicken through 4.8.0.3 allows attackers to cause a denial of service (crash) by opening a file descriptor wit... |
| | | | | | | Buffer overflow in the thread scheduler in Chicken before 4.8.0.1 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value. |
| | | | | | | overkill has buffer overflow via long player names that can corrupt data on the server machine |
| | | | | | | TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity. |
| | 1: Intrasrv Project | 1: Intrasrv | Jun 17, 2026 | Oct 28, 2019 | N/A (v4) · 9.8 CRITICAL (v3) · 10.0 HIGH (v2) | A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET or HEAD request that can result in a compromise of the hosting system. |
| | 6: Canonical, Debian, Fedoraproject, +3 more | 23: Debian Linux, Enterprise Linux, Enterprise Linux Desktop, +20 more | Jun 17, 2026 | Oct 28, 2019 | N/A (v4) · 9.8 CRITICAL (v3) · 7.5 HIGH (v2) | In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI pro... |
| | 1: Milesight | 1: Ip Security Camera Firmware | Nov 21, 2024 | Oct 25, 2019 | N/A (v4) · 9.8 CRITICAL (v3) · 7.5 HIGH (v2) | Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password. |
| | 1: Ibm | 1: Db2 High Performance Unload Load | Jun 17, 2026 | Oct 22, 2019 | N/A (v4) · 7.8 HIGH (v3) · 7.2 HIGH (v2) | IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privile... |
| | 3: Canonical, Debian, Linux | 3: Debian Linux, Linux Kernel, Ubuntu Linux | Jun 17, 2026 | Oct 17, 2019 | N/A (v4) · 8.8 HIGH (v3) · 8.3 HIGH (v2) | rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. |
| | 1: Dlink | 6: Dir 868l Firmware, Dir 880l Firmware, Dir 885l Firmware, +3 more | Nov 21, 2024 | Oct 14, 2019 | N/A (v4) · 9.8 CRITICAL (v3) · 7.5 HIGH (v2) | Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector... |