Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-29 | CVE-2024-27878 | Classic Buffer Overflow vulnerability in Apple Macos A buffer overflow issue was addressed with improved memory handling. | 6.7 |
| 2024-07-29 | CVE-2024-41038 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length strings in the algorithm block header. | 5.5 |
| 2024-07-29 | CVE-2024-41039 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmware data buffer contained enough bytes for the sums of the size of the structs wmfw_header + wmfw_adsp1_sizes + wmfw_footer But wmfw_adsp1_sizes is only used on ADSP1 firmware. | 7.8 |
| 2024-07-29 | CVE-2024-7186 | Classic Buffer Overflow vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102 A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. | 8.8 |
| 2024-07-12 | CVE-2024-40902 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. | 7.8 |
| 2024-07-09 | CVE-2024-5974 | Classic Buffer Overflow vulnerability in Watchguard Fireware A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. | 7.2 |
| 2024-07-08 | CVE-2024-31504 | Classic Buffer Overflow vulnerability in Embedded-Solutions Freemodbus 20180912 Buffer Overflow vulnerability in SILA Embedded Solutions GmbH freemodbus v.2018-09-12 allows a remtoe attacker to cause a denial of service via the LINUXTCP server component. | 7.5 |
| 2024-07-08 | CVE-2024-6563 | Classic Buffer Overflow vulnerability in Renesas Arm-Trusted-Firmware Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. | 6.7 |
| 2024-07-08 | CVE-2024-6564 | Classic Buffer Overflow vulnerability in Renesas Arm-Trusted-Firmware Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. | 6.7 |
| 2024-07-05 | CVE-2024-39480 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy() to insert the completed symbol into the command buffer. Unfortunately it passes the size of the source buffer rather than the destination to strncpy() with predictably horrible results. | 7.8 |