High
CVE-2023-44837
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (Do…
Tag: Buffer Overflow
All CVEs associated with "Buffer Overflow". Page 44/160 • 19114 CVEs.
Subscribe CVEs: RSS for “Buffer Overflow” · RSS (High+Critical only)
About “Buffer Overflow”
A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19114 CVEs for this tag (all time). In the last 365 days, 2726 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.
In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2023-10-05
High
CVE-2023-44836
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (…
High
CVE-2023-44835
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (…
High
CVE-2023-44834
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Ser…
High
CVE-2023-44833
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Servi…
High
CVE-2023-44832
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (…
High
CVE-2023-44831
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (…
High
CVE-2023-44830
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Servi…
High
CVE-2023-44829
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Ser…
High
CVE-2023-44828
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of…
2023-10-04
Critical
CVE-2023-35803
IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow.
Medium
CVE-2023-3428
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an a…
Critical
CVE-2023-4494
Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request re…
Critical
CVE-2023-4491
Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, askin…
High
CVE-2023-30733
Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR Oct-2023 Release 1 allows local privileged attackers to perform code execution.
2023-10-03
Critical
CVE-2023-40830
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.
High
CVE-2023-4911
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously craft…
2023-10-02
High
CVE-2023-43361
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.
High
CVE-2023-5344
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.
2023-10-01
High
CVE-2023-43907
OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c.
2023-09-29
High
CVE-2023-44466
An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of t…
2023-09-28
High
CVE-2023-5217
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Ch…
High
CVE-2023-43868
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via websGetVar function.
High
CVE-2023-43867
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanL2TP function.
High
CVE-2023-43866
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard7 function.
High
CVE-2023-43865
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanPPTP function.
High
CVE-2023-43864
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard55 function.
High
CVE-2023-43863
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanDhcpplus function.
High
CVE-2023-43862
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formLanguageChange function.
High
CVE-2023-43861
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanPPPoE function.
High
CVE-2023-43860
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanNonLogin function.
Medium
CVE-2023-40307
An attacker with standard privileges on macOS when requesting administrator privileges from the application can submit input which causes a buffer overflow resulting in a crash of the application. Th…
Critical
CVE-2023-43869
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard56 function.
2023-09-27
High
CVE-2023-43314
** UNSUPPORTED WHEN ASSIGNED **The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00(ABNK.2)b11_C0 could allow an unauthenticated attacker to cause a denial of service co…
High
CVE-2023-5184
Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.
High
CVE-2023-4264
Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem.
Medium
CVE-2023-4260
Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system.
High
CVE-2023-32377
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.
2023-09-26
High
CVE-2023-4259
Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code.
2023-09-25
Critical
CVE-2023-35002
A heap-based buffer overflow vulnerability exists in the pictwread functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can p…
High
CVE-2023-32614
A heap-based buffer overflow vulnerability exists in the create_png_object functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can…
Medium
CVE-2023-28393
A stack-based buffer overflow vulnerability exists in the tif_processing_dng_channel_count functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption.…
High
CVE-2023-23567
A heap-based buffer overflow vulnerability exists in the CreateDIBfromPict functionality of Accusoft ImageGear 20.1. A specially crafted file can lead to arbitrary code execution. An attacker can pro…
Critical
CVE-2023-43131
General Device Manager 2.5.2.2 is vulnerable to Buffer Overflow.
2023-09-21
High
CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issu…
2023-09-20
Critical
CVE-2023-36109
Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.
Critical
CVE-2023-2262
A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote…
2023-09-18
Critical
CVE-2023-42320
Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function.
2023-09-15
Medium
CVE-2023-32461
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memo…
2023-09-14
Medium
CVE-2023-32643
A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, bu…
2023-09-13
Critical
CVE-2023-3935
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.
Medium
CVE-2023-4039
**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in…
2023-09-12
High
CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium securi…
High
CVE-2023-38076
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualiz…
High
CVE-2023-38071
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualiz…
High
CVE-2023-38070
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualiz…
High
CVE-2022-48475
Buffer Overflow vulnerability in Control de Ciber version 1.650, in the printing function. Sending a modified request by the attacker could cause a Buffer Overflow when the adminitrator tries to acce…
2023-09-11
High
CVE-2023-39068
Buffer Overflow vulnerability in NBD80S09S-KLC v.YK_HZXM_NBD80S09S-KLC_V4.03.R11.7601.Nat.OnvifC.20230414.bin and NBD80N32RA-KL-V3 v.YK_HZXM_NBD80N32RA-KL_V4.03.R11.7601.Nat.OnvifC.20220120.bin allow…
High
CVE-2023-39063
Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard.
High
CVE-2020-19323
An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No a…
Critical
CVE-2020-19320
Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login.
Critical
CVE-2020-19319
Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the FILECODE parameter on login.
High
CVE-2020-19318
Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserve…
High
CVE-2019-16470
Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.…
High
CVE-2023-4582
Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. *This bug only affects Fire…
High
CVE-2023-4576
On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *Th…
2023-09-08
High
CVE-2023-42278
hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse().
Critical
CVE-2023-42277
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath.
Critical
CVE-2023-42276
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray.
2023-09-07
High
CVE-2023-4685
Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code.
High
CVE-2023-41064
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, ma…
2023-09-06
High
CVE-2023-3471
Buffer overflow vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code.
High
CVE-2023-32379
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges.
High
CVE-2023-32356
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
High
CVE-2023-28215
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
High
CVE-2023-28214
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
High
CVE-2023-28213
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
High
CVE-2023-28212
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
High
CVE-2023-28211
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
High
CVE-2023-28210
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
High
CVE-2023-28209
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
2023-09-05
High
CVE-2023-4781
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
2023-09-04
Medium
CVE-2023-4756
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
Critical
CVE-2023-4744
A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based…
2023-09-03
High
CVE-2023-4751
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.
2023-09-02
High
CVE-2023-4738
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.
2023-09-01
High
CVE-2023-40968
Buffer Overflow vulnerability in hzeller timg v.1.5.1 and before allows a remote attacker to cause a denial of service via the 0x61200000045c address.
Critical
CVE-2023-36187
Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.
High
CVE-2022-46527
ELSYS ERS 1.5 Sound v2.3.8 was discovered to contain a buffer overflow via the NFC data parser.
2023-08-31
Medium
CVE-2023-4682
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
Medium
CVE-2023-4163
In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers…
2023-08-30
Critical
CVE-2023-40848
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."
Critical
CVE-2023-40847
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is pass…
Critical
CVE-2023-40845
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function w…
Critical
CVE-2023-40844
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'
Critical
CVE-2023-40843
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
Critical
CVE-2023-40842
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
Critical
CVE-2023-40841
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
Critical
CVE-2023-40840
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
2023-08-29
High
CVE-2023-38975
* Buffer Overflow vulnerability in qdrant v.1.3.2 allows a remote attacker cause a denial of service via the chucnked_vectors.rs component.
Critical
CVE-2023-40890
A stack-based buffer overflow vulnerability exists in the lookup_sequence function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To t…
Critical
CVE-2023-40889
A heap-based buffer overflow exists in the qr_reader_match_centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger…
2023-08-28
High
CVE-2023-40998
Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via the packet size component.
High
CVE-2023-40997
Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via a crafted packet.
High
CVE-2023-40857
Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.
Medium
CVE-2023-40781
Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remote attacker to cause a denial of service via a crafted .swf file to the makeswf function.
Critical
CVE-2023-40846
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.
2023-08-25
High
CVE-2023-36198
Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function.
High
CVE-2023-40915
Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid p…
Critical
CVE-2023-40799
Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function.
2023-08-23
Critical
CVE-2023-41028
A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.
Critical
CVE-2023-4041
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware U…
2023-08-22
High
CVE-2023-34853
Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable.
High
CVE-2022-47069
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp. NOTE: the Supplier has found th…
High
CVE-2022-45703
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
High
CVE-2022-44840
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.
Medium
CVE-2022-29654
Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.
High
CVE-2022-28072
A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.
High
CVE-2022-28069
A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.
High
CVE-2022-28068
A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.