Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-32230 Classic Buffer Overflow vulnerability in Ffmpeg 7.0
FFmpeg 7.0 is vulnerable to Buffer Overflow.
local
low complexity
ffmpeg CWE-120
7.8
2024-06-25 CVE-2024-4640 Classic Buffer Overflow vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations.
network
low complexity
moxa CWE-120
8.2
2024-06-24 CVE-2024-39291 Classic Buffer Overflow vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf function. The issue was due to the size of the buffer 'ucode_prefix' being too small to accommodate the maximum possible length of the string being written into it. The string being written is "amdgpu/%s_mec.bin" or "amdgpu/%s_rlc.bin", where %s is replaced by the value of 'chip_name'.
local
low complexity
linux CWE-120
7.8
2024-06-19 CVE-2021-47609 Classic Buffer Overflow vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name string is set at maximum size of 30. Let us fix it by using devm_kasprintf so that the string buffer is allocated dynamically.
local
low complexity
linux CWE-120
7.8
2024-06-19 CVE-2024-38577 Classic Buffer Overflow vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow There is a possibility of buffer overflow in show_rcu_tasks_trace_gp_kthread() if counters, passed to sprintf() are huge.
local
low complexity
linux CWE-120
7.8
2024-06-19 CVE-2024-6142 Classic Buffer Overflow vulnerability in Actiontec Wcb6200Q Firmware 1.2L.03.5
Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability.
low complexity
actiontec CWE-120
8.8
2024-06-19 CVE-2024-6143 Classic Buffer Overflow vulnerability in Actiontec Wcb6200Q Firmware 1.2L.03.5
Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability.
low complexity
actiontec CWE-120
8.8
2024-06-13 CVE-2024-32907 Classic Buffer Overflow vulnerability in Google Android
In memcall_add of memlog.c, there is a possible buffer overflow due to improper input validation.
local
low complexity
google CWE-120
7.8
2024-06-13 CVE-2024-37632 Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .
network
low complexity
totolink CWE-120
critical
9.8
2024-06-13 CVE-2024-37635 Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
network
low complexity
totolink CWE-120
critical
9.8