Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,201)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-16342 1Insteon 1Hub Firmware Nov 21, 2024 Aug 2, 2018 N/A· v4 9.9 CRITICAL· v3 8.0 HIGH· v2 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c254 the value for the s_vol_dim_delta key is copied using strcpy to the buffer at...Show more An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c254 the value for the s_vol_dim_delta key is copied using strcpy to the buffer at 0xa0000514. This buffer is 4 bytes large, sending anything longer will cause a buffer overflow.Show less
CVE-2017-16341 1Insteon 1Hub Firmware Nov 21, 2024 Aug 2, 2018 N/A· v4 9.9 CRITICAL· v3 8.0 HIGH· v2 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c224 the value for the s_vol_play key is copied using strcpy to the buffer at 0xa0...Show more An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c224 the value for the s_vol_play key is copied using strcpy to the buffer at 0xa0000418. This buffer is maximum 8 bytes large (this is the maximum size it could be, it is possible other global variables are stored between this variable and the next one that we could identify), sending anything longer will cause a buffer overflow.Show less
CVE-2017-16340 1Insteon 1Hub Firmware Nov 21, 2024 Aug 2, 2018 N/A· v4 9.9 CRITICAL· v3 8.0 HIGH· v2 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c0e8 the value for the s_dport key is copied using strcpy to the buffer at 0xa0001...Show more An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c0e8 the value for the s_dport key is copied using strcpy to the buffer at 0xa000180c. This buffer is 6 bytes large, sending anything longer will cause a buffer overflow.Show less
CVE-2017-16339 1Insteon 1Hub Firmware Nov 21, 2024 Aug 2, 2018 N/A· v4 9.9 CRITICAL· v3 8.0 HIGH· v2 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bb1c the value for the uri key is copied using strcpy to the buffer at 0xa00016a0....Show more An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bb1c the value for the uri key is copied using strcpy to the buffer at 0xa00016a0. This buffer is 64 bytes large, sending anything longer will cause a buffer overflow.Show less
CVE-2017-16338 1Insteon 1Hub Firmware Nov 21, 2024 Aug 2, 2018 N/A· v4 9.9 CRITICAL· v3 8.0 HIGH· v2 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bad0 the value for the host key is copied using strcpy to the buffer at 0xa00016e0...Show more An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bad0 the value for the host key is copied using strcpy to the buffer at 0xa00016e0. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.Show less
CVE-2017-14445 1Insteon 1Hub Firmware Nov 21, 2024 Aug 2, 2018 N/A· v4 9.9 CRITICAL· v3 8.0 HIGH· v2 An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffe...Show more An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET request to trigger this vulnerability.Show less
CVE-2016-8620 1Haxx 1Curl Nov 21, 2024 Aug 1, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input.
CVE-2017-2633 2Qemu Redhat 6Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+3 more Nov 21, 2024 Jul 27, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A u...Show more An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.Show less
CVE-2018-14359 4Canonical DebianMutt+1 more 4Debian Linux MuttNeomutt+1 more Nov 21, 2024 Jul 17, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.
CVE-2018-12584 2Debian Resiprocate 2Debian Linux Resiprocate Nov 21, 2024 Jul 16, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when...Show more The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled.Show less
CVE-2016-6559 1Freebsd 1Freebsd Nov 21, 2024 Jul 13, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of ex...Show more Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications. According to analysis by FreeBSD developers, it is very unlikely that applications exist that utilize link_ntoa() in an exploitable manner, and the CERT/CC is not aware of any proof of concept. A blog post describes the functionality of link_ntoa() and points out that none of the base utilities use this function in an exploitable manner. For more information, please see FreeBSD Security Advisory SA-16:37.Show less
CVE-2018-1000517 3Busybox CanonicalDebian 3Busybox Debian LinuxUbuntu Linux Jun 9, 2025 Jun 26, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exp...Show more BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.Show less
CVE-2018-5840 1Google 1Android Jun 17, 2026 Jun 6, 2018 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-11577 3Canonical LiblouisOpensuse 3Leap LiblouisUbuntu Linux Nov 21, 2024 May 31, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
CVE-2018-6233 1Trendmicro 4Antivirus+ Internet SecurityMaximum Security+1 more Jun 17, 2026 May 25, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCT...Show more A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2018-6232 1Trendmicro 4Antivirus+ Internet SecurityMaximum Security+1 more Jun 17, 2026 May 25, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCT...Show more A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2017-2840 1Ezbsystems 1Ultraiso Nov 21, 2024 Apr 24, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can p...Show more A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can provide a specific .ISO file to trigger this vulnerability.Show less
CVE-2018-1100 3Canonical RedhatZsh 5Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+2 more Nov 21, 2024 Apr 11, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
CVE-2017-17771 1Google 1Android Nov 21, 2024 Mar 30, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-02-12, an array out of bounds can occur.
CVE-2018-1083 4Canonical DebianRedhat+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Mar 28, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the con...Show more Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.Show less

Previous 1...201202203...211 Next