Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-12 | CVE-2024-40902 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. | 7.8 |
2024-07-08 | CVE-2024-31504 | Classic Buffer Overflow vulnerability in Embedded-Solutions Freemodbus 20180912 Buffer Overflow vulnerability in SILA Embedded Solutions GmbH freemodbus v.2018-09-12 allows a remtoe attacker to cause a denial of service via the LINUXTCP server component. | 7.5 |
2024-07-08 | CVE-2024-6563 | Classic Buffer Overflow vulnerability in Rensas Arm-Trusted-Firmware Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. | 6.7 |
2024-07-08 | CVE-2024-6564 | Classic Buffer Overflow vulnerability in Rensas Arm-Trusted-Firmware Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. | 6.7 |
2024-07-05 | CVE-2024-39480 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy() to insert the completed symbol into the command buffer. Unfortunately it passes the size of the source buffer rather than the destination to strncpy() with predictably horrible results. | 7.8 |
2024-07-01 | CVE-2024-23368 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption when allocating and accessing an entry in an SMEM partition. | 7.8 |
2024-06-24 | CVE-2024-39291 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf function. The issue was due to the size of the buffer 'ucode_prefix' being too small to accommodate the maximum possible length of the string being written into it. The string being written is "amdgpu/%s_mec.bin" or "amdgpu/%s_rlc.bin", where %s is replaced by the value of 'chip_name'. | 7.8 |
2024-06-13 | CVE-2024-32907 | Classic Buffer Overflow vulnerability in Google Android In memcall_add of memlog.c, there is a possible buffer overflow due to improper input validation. | 7.8 |
2024-06-12 | CVE-2024-37040 | Classic Buffer Overflow vulnerability in Schneider-Electric Sage RTU Firmware CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request. | 8.1 |
2024-05-21 | CVE-2023-37929 | The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | 6.5 |