Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-14 | CVE-2016-9035 | Classic Buffer Overflow vulnerability in Joyent Smartos 20161110T013148Z An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. | 7.0 |
| 2016-12-14 | CVE-2016-9034 | Classic Buffer Overflow vulnerability in Joyent Smartos 20120614/20161110T013148Z An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. | 7.0 |
| 2016-12-14 | CVE-2016-9033 | Classic Buffer Overflow vulnerability in Joyent Smartos 20161110T013148Z An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. | 7.0 |
| 2016-12-14 | CVE-2016-9032 | Classic Buffer Overflow vulnerability in Joyent Smartos 20161110T013148Z An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. | 7.0 |
| 2016-12-10 | CVE-2016-7422 | Classic Buffer Overflow vulnerability in multiple products The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value. | 6.0 |
| 2016-12-10 | CVE-2016-6834 | Classic Buffer Overflow vulnerability in multiple products The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length. | 4.4 |
| 2016-12-10 | CVE-2016-6490 | Classic Buffer Overflow vulnerability in Qemu The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer. | 4.4 |
| 2016-11-04 | CVE-2016-8668 | Classic Buffer Overflow vulnerability in multiple products The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging failure to limit DMA buffer size. | 6.0 |
| 2016-10-10 | CVE-2016-5343 | Classic Buffer Overflow vulnerability in Linux Kernel drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow. | 9.8 |
| 2016-09-26 | CVE-2016-4303 | Classic Buffer Overflow vulnerability in multiple products The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow. | 9.8 |