Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-06 | CVE-2023-43526 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while querying module parameters from Listen Sound model client in kernel from user space. | 7.8 |
| 2024-05-06 | CVE-2024-21480 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while playing audio file having large-sized input buffer. | 9.8 |
| 2024-05-01 | CVE-2024-27045 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' Tell snprintf() to store at most 10 bytes in the output buffer instead of 30. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_debugfs.c:1508 dp_dsc_clock_en_read() error: snprintf() is printing too much 30 vs 10 | 7.8 |
| 2024-05-01 | CVE-2024-26952 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. | 7.8 |
| 2024-04-28 | CVE-2022-48657 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: arm64: topology: fix possible overflow in amu_fie_setup() cpufreq_get_hw_max_freq() returns max frequency in kHz as *unsigned int*, while freq_inv_set_max_ratio() gets passed this frequency in Hz as 'u64'. Multiplying max frequency by 1000 can potentially result in overflow -- multiplying by 1000ULL instead should avoid that... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. | 7.8 |
| 2024-04-24 | CVE-2024-20313 | Classic Buffer Overflow vulnerability in Cisco IOS XE A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 7.4 |
| 2024-04-16 | CVE-2022-24805 | Classic Buffer Overflow vulnerability in multiple products net-snmp provides various tools relating to the Simple Network Management Protocol. | 8.8 |
| 2024-04-16 | CVE-2022-24807 | Classic Buffer Overflow vulnerability in multiple products net-snmp provides various tools relating to the Simple Network Management Protocol. | 6.5 |
| 2024-04-01 | CVE-2023-33023 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while processing finish_sign command to pass a rsp buffer. | 7.8 |
| 2024-04-01 | CVE-2023-43515 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled. | 7.8 |