Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,202)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-12236 1Tenda 1Ch22 Firmware Feb 24, 2026 Oct 27, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was determined in Tenda CH22 1.0.0.1. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes buffer overflow. Remote exploitat...Show more A vulnerability was determined in Tenda CH22 1.0.0.1. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.Show less
CVE-2025-12235 1Tenda 1Ch22 Firmware Apr 29, 2026 Oct 27, 2025 7.3 HIGH· v4 8.0 HIGH· v3 7.7 HIGH· v2 A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must orig...Show more A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used.Show less
CVE-2025-12234 1Tenda 1Ch22 Firmware Oct 27, 2025 Oct 27, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability has been found in Tenda CH22 1.0.0.1. This affects the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page leads to buffer overflow. The attack may be initi...Show more A vulnerability has been found in Tenda CH22 1.0.0.1. This affects the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-12233 1Tenda 1Ch22 Firmware Feb 24, 2026 Oct 27, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Executing a manipulation of the argument page can lead to buffer overflow. The atta...Show more A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Executing a manipulation of the argument page can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.Show less
CVE-2025-12232 1Tenda 1Ch22 Firmware Feb 24, 2026 Oct 27, 2025 7.4 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was detected in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Performing a manipulation of the argument page results in buff...Show more A vulnerability was detected in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Performing a manipulation of the argument page results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.Show less
CVE-2025-60554 1Dlink 1Dir 600l Firmware Oct 28, 2025 Oct 24, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEnableWizard.
CVE-2025-60553 1Dlink 1Dir 600l Firmware Oct 28, 2025 Oct 24, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWAN_Wizard52.
CVE-2025-60548 1Dlink 1Dir 600l Firmware Oct 28, 2025 Oct 24, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLanSetupRouterSettings.
CVE-2025-60343 1Tenda 1Ac6 Firmware Oct 24, 2025 Oct 22, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Multiple buffer overflows in the AdvSetMacMtuWan function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the wanMTU, wanSpeed, cloneType, mac, serviceN...Show more Multiple buffer overflows in the AdvSetMacMtuWan function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the wanMTU, wanSpeed, cloneType, mac, serviceName, serverName, wanMTU2, wanSpeed2, cloneType2, mac2, serviceName2, and serverName2 parameters.Show less
CVE-2025-60340 1Tenda 1Ac6 Firmware Oct 28, 2025 Oct 22, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp para...Show more Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp parameters.Show less
CVE-2025-60339 1Tenda 1Ac6 Firmware Oct 27, 2025 Oct 22, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedStartTime and schedEndTi...Show more Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedStartTime and schedEndTime parameters.Show less
CVE-2025-60337 1Tenda 1Ac6 Firmware Oct 27, 2025 Oct 22, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-53474 1F5 21Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Advanced Web Application Firewall+18 more Oct 21, 2025 Oct 15, 2025 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technica...Show more When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.Show less
CVE-2025-20709 2Mediatek Openwrt 2Openwrt Software Development Kit Oct 15, 2025 Oct 14, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User inte...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415809; Issue ID: MSV-3405.Show less
CVE-2025-41707 - - Nov 3, 2025 Oct 14, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality.
CVE-2025-41706 - - Nov 3, 2025 Oct 14, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker can craft a special GET request with an over-long content-length to trigger the issue without affecting the core functional...Show more The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker can craft a special GET request with an over-long content-length to trigger the issue without affecting the core functionality.Show less
CVE-2025-11653 1Utt 12620g Firmware Feb 10, 2026 Oct 13, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of the file /goform/fNTP. This manipulation of the argument NTPServerIP causes buffer overflow. It is possible to initiate th...Show more A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of the file /goform/fNTP. This manipulation of the argument NTPServerIP causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-11652 1Utt 1518g Firmware Jan 8, 2026 Oct 13, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in UTT 进取 518G up to V3v3.2.7-210919-161313. This issue affects some unknown processing of the file /goform/formTaskEdit_ap. The manipulation of the argument txtMin2 results in buffer overflow....Show more A vulnerability was found in UTT 进取 518G up to V3v3.2.7-210919-161313. This issue affects some unknown processing of the file /goform/formTaskEdit_ap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-11651 1Utt 1518g Firmware Jan 8, 2026 Oct 13, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability has been found in UTT 进取 518G up to V3v3.2.7-210919-161313. This vulnerability affects the function sub_4247AC of the file /goform/formRemoteControl. The manipulation of the argument Profile leads to buff...Show more A vulnerability has been found in UTT 进取 518G up to V3v3.2.7-210919-161313. This vulnerability affects the function sub_4247AC of the file /goform/formRemoteControl. The manipulation of the argument Profile leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-52960 1Juniper 1Junos Jan 23, 2026 Oct 9, 2025 8.2 HIGH· v4 5.9 MEDIUM· v3 N/A· v2 A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol (SIP) ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to...Show more A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol (SIP) ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When memory utilization is high, and specific SIP packets are received, flowd/mspmand crashes. While the system recovers automatically, the disruption can significantly impact service stability. Continuous receipt of these specific SIP packets, while high utilization is present, will cause a sustained DoS condition. The utilization is outside the attackers control, so they would not be able to deterministically exploit this. This issue affects Junos OS on SRX Series and MX Series: * All versions before 22.4R3-S7, * from 23.2 before 23.2R2-S4, * from 23.4 before 23.4R2-S5, * from 24.2 before 24.2R2.Show less

Previous 1...303132...211 Next