Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2020-5213 | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 9.8 |
| 2020-01-28 | CVE-2020-5212 | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 9.8 |
| 2020-01-28 | CVE-2020-5210 | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 7.8 |
| 2020-01-28 | CVE-2020-5209 | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 7.8 |
| 2020-01-27 | CVE-2015-0243 | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | 8.8 |
| 2020-01-27 | CVE-2015-0241 | Classic Buffer Overflow vulnerability in multiple products The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow. | 8.8 |
| 2020-01-27 | CVE-2019-20427 | Classic Buffer Overflow vulnerability in Lustre In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. | 9.8 |
| 2020-01-27 | CVE-2019-20423 | Classic Buffer Overflow vulnerability in Lustre In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. | 7.5 |
| 2020-01-24 | CVE-2014-9629 | Classic Buffer Overflow vulnerability in Videolan VLC Media Player Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted length value. | 7.8 |
| 2020-01-24 | CVE-2014-9628 | Classic Buffer Overflow vulnerability in Videolan VLC Media Player The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7. | 7.8 |