CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Description
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-67 · CAPEC-8 · CAPEC-9 · CAPEC-92
CVEs mapped to this weakness (802)
page 23 of 41| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-53319 | Hig | 0.49 | 7.5 | 0.00 | Jan 31, 2025 | A heap buffer overflow in the XML Text Escaping component of Qualisys C++ SDK commit a32a21a allows attackers to cause Denial of Service (DoS) via escaping special XML characters. | ||
| CVE-2024-53379 | Hig | 0.49 | 7.5 | 0.00 | Jan 23, 2025 | Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version (from 05/05/24) commit 64808a5e12c83b38f85c943dee0112e428dc2a43 allows a remote attacker to trigger a Denial-of-Service via a malformed Client-Hello message. | ||
| CVE-2024-24451 | Hig | 0.49 | 7.5 | 0.01 | Jan 21, 2025 | A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface. | ||
| CVE-2024-25253 | — | Hig | 0.49 | 7.5 | 0.00 | Nov 11, 2024 | Driver Booster v10.6 was discovered to contain a buffer overflow via the Host parameter under the Customize proxy module. | |
| CVE-2024-42011 | Hig | 0.49 | 7.5 | 0.01 | Oct 28, 2024 | The Spotify app 8.9.58 for iOS has a buffer overflow in its use of strcat. | ||
| CVE-2024-44331 | Hig | 0.49 | 7.5 | 0.01 | Oct 22, 2024 | Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests. | ||
| CVE-2024-46304 | Hig | 0.49 | 7.5 | 0.01 | Oct 9, 2024 | A NULL pointer dereference in libcoap v4.3.5-rc2 and below allows a remote attacker to cause a denial of service via the coap_handle_request_put_block function in src/coap_block.c. | ||
| CVE-2024-6918 | Hig | 0.49 | 7.5 | 0.00 | Aug 20, 2024 | CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause a crash of the Accutech Manager when receiving a specially crafted request over port 2536/TCP. | ||
| CVE-2024-41631 | — | Hig | 0.49 | 7.5 | 0.01 | Jul 29, 2024 | Buffer Overflow vulnerability in host-host NEUQ_board v.1.0 allows a remote attacker to cause a denial of service via the password.h component. | |
| CVE-2023-52729 | Hig | 0.49 | 7.5 | 0.00 | May 4, 2024 | TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer overflow when trying to add '\0' to the end of long msg data. It can be exploited via crafted TCP packets. | ||
| CVE-2023-46566 | Hig | 0.49 | 7.5 | 0.01 | Apr 29, 2024 | Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e31745138a30e2509145b0c529c allows a remote attacker to cause a denial of service via the parse function in the TftpPacketFactory class. | ||
| CVE-2023-43615 | Hig | 0.49 | 7.5 | 0.01 | Oct 7, 2023 | Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | ||
| CVE-2022-3786 | Hig | 0.49 | 7.5 | 0.91 | Nov 1, 2022 | A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue… | ||
| CVE-2022-3602 | Hig | 0.49 | 7.5 | 0.90 | Nov 1, 2022 | A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to… | ||
| CVE-2020-36120 | Hig | 0.49 | 7.5 | 0.01 | Apr 14, 2021 | Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS). | ||
| CVE-2017-2876 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2018 | An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. | ||
| CVE-2017-2878 | Hig | 0.49 | 7.5 | 0.02 | Sep 19, 2018 | An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker… | ||
| CVE-2018-1054 | Hig | 0.49 | 7.5 | 0.05 | Mar 7, 2018 | An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus… | ||
| CVE-2017-15134 | Hig | 0.49 | 7.5 | 0.04 | Mar 1, 2018 | A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially… | ||
| CVE-2017-2831 | Hig | 0.49 | 7.5 | 0.03 | Jun 21, 2017 | An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker… |
- risk 0.49cvss 7.5epss 0.00
A heap buffer overflow in the XML Text Escaping component of Qualisys C++ SDK commit a32a21a allows attackers to cause Denial of Service (DoS) via escaping special XML characters.
- risk 0.49cvss 7.5epss 0.00
Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version (from 05/05/24) commit 64808a5e12c83b38f85c943dee0112e428dc2a43 allows a remote attacker to trigger a Denial-of-Service via a malformed Client-Hello message.
- risk 0.49cvss 7.5epss 0.01
A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.
- risk 0.49cvss 7.5epss 0.00
Driver Booster v10.6 was discovered to contain a buffer overflow via the Host parameter under the Customize proxy module.
- risk 0.49cvss 7.5epss 0.01
The Spotify app 8.9.58 for iOS has a buffer overflow in its use of strcat.
- risk 0.49cvss 7.5epss 0.01
Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests.
- risk 0.49cvss 7.5epss 0.01
A NULL pointer dereference in libcoap v4.3.5-rc2 and below allows a remote attacker to cause a denial of service via the coap_handle_request_put_block function in src/coap_block.c.
- risk 0.49cvss 7.5epss 0.00
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause a crash of the Accutech Manager when receiving a specially crafted request over port 2536/TCP.
- risk 0.49cvss 7.5epss 0.01
Buffer Overflow vulnerability in host-host NEUQ_board v.1.0 allows a remote attacker to cause a denial of service via the password.h component.
- risk 0.49cvss 7.5epss 0.00
TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer overflow when trying to add '\0' to the end of long msg data. It can be exploited via crafted TCP packets.
- risk 0.49cvss 7.5epss 0.01
Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e31745138a30e2509145b0c529c allows a remote attacker to cause a denial of service via the parse function in the TftpPacketFactory class.
- risk 0.49cvss 7.5epss 0.01
Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
- risk 0.49cvss 7.5epss 0.91
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue…
- risk 0.49cvss 7.5epss 0.90
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to…
- risk 0.49cvss 7.5epss 0.01
Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS).
- risk 0.49cvss 7.5epss 0.01
An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data.
- risk 0.49cvss 7.5epss 0.02
An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker…
- risk 0.49cvss 7.5epss 0.05
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus…
- risk 0.49cvss 7.5epss 0.04
A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially…
- risk 0.49cvss 7.5epss 0.03
An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker…