Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

DATE CVE VULNERABILITY TITLE RISK
2020-09-15 CVE-2020-8927 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB.
6.5
2020-09-11 CVE-2020-25279 Classic Buffer Overflow vulnerability in Google Android
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software.
network
low complexity
google CWE-120
critical
9.8
2020-09-09 CVE-2020-15173 Classic Buffer Overflow vulnerability in Accel-Ppp 1.10.0/1.12.0/1.12.092G38B6104
In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less than 6.
network
low complexity
accel-ppp CWE-120
critical
9.8
2020-09-09 CVE-2018-17773 Classic Buffer Overflow vulnerability in Ingenico Telium 2 Firmware
Ingenico Telium 2 POS terminals have a buffer overflow via SOCKET_TASK in the NTPT3 protocol.
low complexity
ingenico CWE-120
6.8
2020-09-09 CVE-2018-17770 Classic Buffer Overflow vulnerability in Ingenico Telium 2 Firmware
Ingenico Telium 2 POS terminals have a buffer overflow via the RemotePutFile command of the NTPT3 protocol.
low complexity
ingenico CWE-120
6.6
2020-09-09 CVE-2018-17769 Classic Buffer Overflow vulnerability in Ingenico Telium 2 Firmware
Ingenico Telium 2 POS terminals have a buffer overflow via the 0x26 command of the NTPT3 protocol.
low complexity
ingenico CWE-120
6.6
2020-09-09 CVE-2020-2042 Classic Buffer Overflow vulnerability in Paloaltonetworks Pan-Os 10.0.0
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges.
network
low complexity
paloaltonetworks CWE-120
7.2
2020-09-09 CVE-2020-2040 Classic Buffer Overflow vulnerability in Paloaltonetworks Pan-Os
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface.
network
low complexity
paloaltonetworks CWE-120
critical
9.8
2020-09-09 CVE-2020-25211 Classic Buffer Overflow vulnerability in multiple products
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.
local
low complexity
linux debian fedoraproject CWE-120
6.0
2020-09-09 CVE-2020-3656 Classic Buffer Overflow vulnerability in Qualcomm products
Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
local
low complexity
qualcomm CWE-120
7.8