Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-25 | CVE-2024-4640 | Classic Buffer Overflow vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. | 8.2 |
| 2024-06-24 | CVE-2024-39291 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf function. The issue was due to the size of the buffer 'ucode_prefix' being too small to accommodate the maximum possible length of the string being written into it. The string being written is "amdgpu/%s_mec.bin" or "amdgpu/%s_rlc.bin", where %s is replaced by the value of 'chip_name'. | 7.8 |
| 2024-06-19 | CVE-2021-47609 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name string is set at maximum size of 30. Let us fix it by using devm_kasprintf so that the string buffer is allocated dynamically. | 7.8 |
| 2024-06-19 | CVE-2024-38577 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow There is a possibility of buffer overflow in show_rcu_tasks_trace_gp_kthread() if counters, passed to sprintf() are huge. | 7.8 |
| 2024-06-19 | CVE-2024-6142 | Classic Buffer Overflow vulnerability in Actiontec Wcb6200Q Firmware 1.2L.03.5 Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. | 8.8 |
| 2024-06-19 | CVE-2024-6143 | Classic Buffer Overflow vulnerability in Actiontec Wcb6200Q Firmware 1.2L.03.5 Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. | 8.8 |
| 2024-06-13 | CVE-2024-32907 | Classic Buffer Overflow vulnerability in Google Android In memcall_add of memlog.c, there is a possible buffer overflow due to improper input validation. | 7.8 |
| 2024-06-13 | CVE-2024-37632 | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth . | 9.8 |
| 2024-06-13 | CVE-2024-37635 | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg | 9.8 |
| 2024-06-12 | CVE-2024-37040 | Classic Buffer Overflow vulnerability in Schneider-Electric Sage RTU Firmware CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request. | 8.1 |