Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,202)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-10666 1Dlink 1Dir 825 Firmware Feb 3, 2026 Sep 18, 2025 7.4 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affected by this vulnerability is the function sub_4106d4 of the file apply.cgi. The manipulation of the argument countdown_time results in buffer overflo...Show more A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affected by this vulnerability is the function sub_4106d4 of the file apply.cgi. The manipulation of the argument countdown_time results in buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be exploited. This vulnerability only affects products that are no longer supported by the maintainer.Show less
CVE-2025-43370 1Apple 1Xcode Nov 3, 2025 Sep 15, 2025 N/A· v4 4.0 MEDIUM· v3 N/A· v2 A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process.
CVE-2025-43312 1Apple 1Macos Apr 2, 2026 Sep 15, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to cause unexpected system termination.
CVE-2025-10443 1Tenda 2Ac15 Firmware Ac9 Firmware Sep 19, 2025 Sep 15, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buf...Show more A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.Show less
CVE-2025-10385 - - Sep 15, 2025 Sep 14, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability has been found in Mercury KM08-708H GiGA WiFi Wave2 1.1. Affected by this issue is the function sub_450B2C of the file /goform/mcr_setSysAdm. The manipulation of the argument ChgUserId leads to buffer ove...Show more A vulnerability has been found in Mercury KM08-708H GiGA WiFi Wave2 1.1. Affected by this issue is the function sub_450B2C of the file /goform/mcr_setSysAdm. The manipulation of the argument ChgUserId leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-57573 1Tenda 1F3 Firmware Jun 17, 2026 Sep 10, 2025 N/A· v4 5.6 MEDIUM· v3 N/A· v2 Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi.
CVE-2025-57572 1Tenda 1F3 Firmware Jun 17, 2026 Sep 10, 2025 N/A· v4 5.6 MEDIUM· v3 N/A· v2 Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl.
CVE-2025-57571 1Tenda 1F3 Firmware Jun 17, 2026 Sep 10, 2025 N/A· v4 5.6 MEDIUM· v3 N/A· v2 Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT.
CVE-2025-57570 1Tenda 1F3 Firmware Jun 17, 2026 Sep 10, 2025 N/A· v4 5.6 MEDIUM· v3 N/A· v2 Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS.
CVE-2025-57569 1Tenda 1F3 Firmware Jun 17, 2026 Sep 10, 2025 N/A· v4 5.6 MEDIUM· v3 N/A· v2 Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT.
CVE-2025-10172 1Utt 1750w Firmware Jun 17, 2026 Sep 9, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. Th...Show more A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-49458 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Jun 17, 2026 Sep 9, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer overflow in certain Zoom Workplace Clients may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-10171 1Utt 11250gw Firmware Jun 17, 2026 Sep 9, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was detected in UTT 1250GW up to 3.2.2-200710. This vulnerability affects the function sub_453DC of the file /goform/formConfigApConfTemp. Performing manipulation results in buffer overflow. Remote exploi...Show more A vulnerability was detected in UTT 1250GW up to 3.2.2-200710. This vulnerability affects the function sub_453DC of the file /goform/formConfigApConfTemp. Performing manipulation results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-10170 1Utt 11200gw Firmware Jun 17, 2026 Sep 9, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A security vulnerability has been detected in UTT 1200GW up to 3.0.0-170831. This affects the function sub_4B48F8 of the file /goform/formApLbConfig. Such manipulation of the argument loadBalanceNameOld leads to buffer o...Show more A security vulnerability has been detected in UTT 1200GW up to 3.0.0-170831. This affects the function sub_4B48F8 of the file /goform/formApLbConfig. Such manipulation of the argument loadBalanceNameOld leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-10169 1Utt 11200gw Firmware Jun 17, 2026 Sep 9, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A weakness has been identified in UTT 1200GW up to 3.0.0-170831. Affected by this issue is some unknown functionality of the file /goform/ConfigWirelessBase. This manipulation of the argument ssid causes buffer overflow....Show more A weakness has been identified in UTT 1200GW up to 3.0.0-170831. Affected by this issue is some unknown functionality of the file /goform/ConfigWirelessBase. This manipulation of the argument ssid causes buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-10120 1Tenda 1Ac20 Firmware Jun 17, 2026 Sep 9, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the function strcpy of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in buffer overflow. The att...Show more A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the function strcpy of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be used.Show less
CVE-2025-39727 1Linux 1Linux Kernel Jun 17, 2026 Sep 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential buffer overflow in setup_clusters() In setup_swap_map(), we only ensure badpages are in range (0, last_page]. As maxpages mig...Show more In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential buffer overflow in setup_clusters() In setup_swap_map(), we only ensure badpages are in range (0, last_page]. As maxpages might be < last_page, setup_clusters() will encounter a buffer overflow when a badpage is >= maxpages. Only call inc_cluster_info_page() for badpage which is < maxpages to fix the issue.Show less
CVE-2025-10034 1Dlink 1Dir 825 Firmware Jun 17, 2026 Sep 6, 2025 7.4 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat of the file ping6_response.cg of the component httpd. Performing manipulation of the argument ping6_ipaddr results in buff...Show more A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat of the file ping6_response.cg of the component httpd. Performing manipulation of the argument ping6_ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.Show less
CVE-2025-9961 - - Jun 17, 2026 Sep 6, 2025 8.6 HIGH· v4 N/A· v3 N/A· v2 An authenticated attacker may remotely execute arbitrary code via the CWMP binary on the devices AX10 and AX1500. The exploit can only be conducted via a Man-In-The-Middle (MITM) attack. This issue affects AX10 V1/V1...Show more An authenticated attacker may remotely execute arbitrary code via the CWMP binary on the devices AX10 and AX1500. The exploit can only be conducted via a Man-In-The-Middle (MITM) attack. This issue affects AX10 V1/V1.2/V2/V2.6/V3/V3.6: before 1.2.1; AX1500 V1/V1.20/V1.26/V1.60/V1.80/V2.60/V3.6: before 1.3.11.Show less
CVE-2025-26434 1Google 1Android Jun 17, 2026 Sep 5, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...Show more In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Show less

Previous 1...333435...211 Next