Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-23302 | Classic Buffer Overflow vulnerability in Garmin Connect-Iq The `Toybox.GenericChannel.setDeviceConfig` API method in CIQ API version 1.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. | 9.8 |
| 2023-05-23 | CVE-2023-23303 | Classic Buffer Overflow vulnerability in Garmin Connect-Iq The `Toybox.Ant.GenericChannel.enableEncryption` API method in CIQ API version 3.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. | 9.8 |
| 2023-05-23 | CVE-2023-23305 | Classic Buffer Overflow vulnerability in Garmin Connect-Iq The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources. | 9.8 |
| 2023-05-23 | CVE-2023-27518 | Classic Buffer Overflow vulnerability in Contec Sv-Cpt-Mc310 Firmware and Sv-Cpt-Mc310F Firmware Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute arbitrary code. | 8.8 |
| 2023-05-18 | CVE-2023-20024 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 7.5 |
| 2023-05-18 | CVE-2023-20156 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 9.8 |
| 2023-05-18 | CVE-2023-20157 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 9.8 |
| 2023-05-18 | CVE-2023-20158 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 9.8 |
| 2023-05-18 | CVE-2023-20159 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 9.8 |
| 2023-05-18 | CVE-2023-20160 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 9.8 |