Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,202)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-14526 1Tenda 1Ch22 Firmware Feb 24, 2026 Dec 11, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A security flaw has been discovered in Tenda CH22 1.0.0.1. This affects the function frmL7ImForm of the file /goform/L7Im. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of...Show more A security flaw has been discovered in Tenda CH22 1.0.0.1. This affects the function frmL7ImForm of the file /goform/L7Im. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.Show less
CVE-2025-65288 1Mercurycom 1Mr816 Firmware Dec 12, 2025 Dec 9, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A buffer overflow in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) occurs when the device accepts and stores excessively long hostnames from LAN hosts without proper length validation. The affected code pe...Show more A buffer overflow in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) occurs when the device accepts and stores excessively long hostnames from LAN hosts without proper length validation. The affected code performs unchecked copies/concatenations into fixed-size buffers. A crafted long hostname can overflow the buffer, cause a crash (DoS) and potentially enabling remote code execution.Show less
CVE-2025-14310 - - Dec 9, 2025 Dec 9, 2025 9.3 CRITICAL· v4 N/A· v3 N/A· v2 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb.This issue affects rethinkdb: before 2.4.4.
CVE-2025-14196 - - Dec 8, 2025 Dec 7, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A weakness has been identified in H3C Magic B1 up to 100R004. The affected element is the function sub_44de0 of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitatio...Show more A weakness has been identified in H3C Magic B1 up to 100R004. The affected element is the function sub_44de0 of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-14191 1Utt 1512w Firmware Jan 5, 2026 Dec 7, 2025 7.4 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formP2PLimitConfig. Such manipulation of the argument except leads to buffer overflow. I...Show more A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formP2PLimitConfig. Such manipulation of the argument except leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-14187 - - Jan 28, 2026 Dec 7, 2025 7.3 HIGH· v4 7.2 HIGH· v3 8.3 HIGH· v2 A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. Executing a manipulation of the argum...Show more A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. Executing a manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. It is recommended to upgrade the affected component.Show less
CVE-2025-14141 1Utt 1520w Firmware Dec 11, 2025 Dec 6, 2025 7.4 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A flaw has been found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formArpBindConfig. Executing manipulation of the argument pools can lead to buffer overflow. The attack m...Show more A flaw has been found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formArpBindConfig. Executing manipulation of the argument pools can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-14140 1Utt 1520w Firmware Apr 29, 2026 Dec 6, 2025 5.7 MEDIUM· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 A vulnerability was detected in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/websHostFilter. Performing manipulation of the argument addHostFilter results in buffer overflow....Show more A vulnerability was detected in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/websHostFilter. Performing manipulation of the argument addHostFilter results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-14139 1Utt 1520w Firmware Apr 29, 2026 Dec 6, 2025 5.5 MEDIUM· v4 5.7 MEDIUM· v3 5.5 MEDIUM· v2 A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Impacted is the function strcpy of the file /goform/formConfigDnsFilterGlobal. Such manipulation of the argument timeRangeName leads to buffer overf...Show more A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Impacted is the function strcpy of the file /goform/formConfigDnsFilterGlobal. Such manipulation of the argument timeRangeName leads to buffer overflow. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-64053 1Fanvil 1X210 Firmware Jan 9, 2026 Dec 5, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action...Show more A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.Show less
CVE-2025-14015 1H3c 1Magic B0 Firmware Dec 23, 2025 Dec 4, 2025 7.4 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A weakness has been identified in H3C Magic B0 up to 100R002. This impacts the function EditWlanMacList of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of...Show more A weakness has been identified in H3C Magic B0 up to 100R002. This impacts the function EditWlanMacList of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-66287 - - Dec 22, 2025 Dec 4, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.
CVE-2025-50361 1Smallbasic 1Smallbasic Dec 18, 2025 Dec 3, 2025 N/A· v4 5.1 MEDIUM· v3 N/A· v2 Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL Before v12_28, and commit sha:298a1d495355959db36451e90a0ac74bcc5593fe in the function main.cpp, which can lead to potential information leakage and c...Show more Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL Before v12_28, and commit sha:298a1d495355959db36451e90a0ac74bcc5593fe in the function main.cpp, which can lead to potential information leakage and crash.Show less
CVE-2025-11780 1Circutor 2Sge Plc1000 Firmware Sge Plc50 Firmware Dec 3, 2025 Dec 2, 2025 8.7 HIGH· v4 9.8 CRITICAL· v3 N/A· v2 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf()'. The 'GetPar...Show more Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf()'. The 'GetParameter(meter)' function retrieves the user input, which is directly incorporated into a buffer without size validation. An attacker can provide an excessively large input for the “meter” parameter.Show less
CVE-2025-65404 1Live555 1Streaming Media Dec 23, 2025 Dec 1, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream.
CVE-2025-65403 1Hfiref0x 1Lightftp Dec 5, 2025 Dec 1, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A buffer overflow in the g_cfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-50402 1Fastcom 1Fac1200r Firmware Jan 2, 2026 Nov 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter string fac_password.
CVE-2025-50399 1Fastcom 1Fac1200r Firmware Jan 2, 2026 Nov 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter password.
CVE-2025-9558 - - Dec 1, 2025 Nov 26, 2025 N/A· v4 7.6 HIGH· v3 N/A· v2 There is a potential OOB Write vulnerability in the gen_prov_start function in pb_adv.c. The full length of the received data is copied into the link.rx.buf receiver buffer without any validation on the data size.
CVE-2025-9557 - - Dec 1, 2025 Nov 26, 2025 N/A· v4 7.6 HIGH· v3 N/A· v2 ‭An out-of-bound write can lead to an arbitrary code execution. Even on devices with some form of memory protection, this can still lead to‬ ‭a crash and a resultant denial of service.‬

Previous 1...272829...211 Next