Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,201)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-7238 1Schneider Electric 20Ibp1110 1er Firmware Ibp219 1er FirmwareIbp319 1er Firmware+17 more Jun 17, 2026 Mar 9, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A buffer overflow vulnerability exist in the web-based GUI of Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to execute arbit...Show more A buffer overflow vulnerability exist in the web-based GUI of Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to execute arbitrary code.Show less
CVE-2018-1000117 1Python 1Python Nov 21, 2024 Mar 7, 2018 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of pr...Show more Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.Show less
CVE-2018-1054 2Fedoraproject Redhat 4389 Directory Server Enterprise Linux DesktopEnterprise Linux Server+1 more Nov 21, 2024 Mar 7, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make n...Show more An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.Show less
CVE-2017-15134 2Fedoraproject Redhat 5389 Directory Server Enterprise LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 Mar 1, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentiall...Show more A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.Show less
CVE-2017-12718 1Smiths Medical 1Medfusion 4000 Wireless Syringe Infusion Pump Nov 21, 2024 Feb 15, 2018 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior...Show more A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execution on the target device. The pump receives the potentially malicious input infrequently and under certain conditions, increasing the difficulty of exploitation.Show less
CVE-2018-6789 3Canonical DebianExim 3Debian Linux EximUbuntu Linux Jun 17, 2026 Feb 8, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
CVE-2017-11003 1Google 1Android Nov 21, 2024 Jan 10, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into a...Show more In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size.Show less
CVE-2017-16740 1Rockwellautomation 61766 L32awa Firmware 1766 L32awaa Firmware1766 L32bwa Firmware+3 more Nov 21, 2024 Jan 9, 2018 N/A· v4 10.0 CRITICAL· v3 7.5 HIGH· v2 A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, whic...Show more A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.Show less
CVE-2017-11015 1Google 1Android May 13, 2026 Nov 16, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIR_MAC_AUTH_CHALLENGE_LENGTH is set to 128 which may result in buffer overflow sinc...Show more In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIR_MAC_AUTH_CHALLENGE_LENGTH is set to 128 which may result in buffer overflow since the frame parser allows challenge text of length up to 253 bytes, but the driver can not handle challenge text larger than 128 bytes.Show less
CVE-2017-11014 1Google 1Android May 13, 2026 Nov 16, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur.
CVE-2017-11013 1Google 1Android May 13, 2026 Nov 16, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "p...Show more In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound".Show less
CVE-2017-15222 1Nftp Project 1Nftp May 13, 2026 Oct 24, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.
CVE-2017-8278 1Google 1Android May 13, 2026 Sep 21, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur.
CVE-2017-0782 1Google 1Android May 13, 2026 Sep 14, 2017 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237.
CVE-2017-0767 1Google 1Android May 13, 2026 Sep 8, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407.
CVE-2017-12137 3Citrix DebianXen 3Debian Linux XenXenserver May 13, 2026 Aug 24, 2017 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
CVE-2017-6421 1Google 1Android May 13, 2026 Aug 16, 2017 N/A· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow.
CVE-2017-8259 1Google 1Android May 13, 2026 Aug 11, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In the service locator in all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow can occur as the variable set for determining the size of the buffer is not used to indicate the si...Show more In the service locator in all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow can occur as the variable set for determining the size of the buffer is not used to indicate the size of the buffer.Show less
CVE-2015-7854 2Netapp Ntp 6Clustered Data Ontap Data OntapNtp+3 more May 13, 2026 Aug 7, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary co...Show more Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.Show less
CVE-2015-7853 2Netapp Ntp 6Clustered Data Ontap Data OntapNtp+3 more May 13, 2026 Aug 7, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.

Previous 1...202203204...211 Next