Weaknesses of type CWE-120
2,898 resultsCVE-2019-8287—TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. EPSS 19.5%CVE-2020-8597CRITICALeap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.EPSS 19.4%CVE-2022-43970HIGHBuffer overflow in Linksys WRT54GLEPSS 19.3%CVE-2022-47949CRITICALThe Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other products, allows remote attackers to execuEPSS 16.9%CVE-2022-37434CRITICALzlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: EPSS 15.9%CVE-2024-7828HIGHD-Link DNS-1550-04 photocenter_mgr.cgi cgi_set_cover buffer overflowEPSS 15.8%CVE-2024-42812CRITICALIn D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. AttEPSS 15.5%CVE-2023-41064HIGHA buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.EPSS 15.3%KEVCVE-2010-0820HIGHHeap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows ServeEPSS 14.4%CVE-2021-22824—A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length cheEPSS 14.2%CVE-2023-34563CRITICALnetgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication.EPSS 13.9%CVE-2023-31475CRITICALAn issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item iEPSS 13.7%CVE-2023-7095CRITICALTotolink A7100RU HTTP POST Request main buffer overflowEPSS 13.7%CVE-2019-17147HIGHThis vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication EPSS 13.7%CVE-2024-39288CRITICALA buffer overflow vulnerability exists in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A speciallyEPSS 13.5%CVE-2017-12718—A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. AEPSS 13.0%CVE-2022-22805—A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code executioEPSS 11.7%CVE-2023-20189HIGHCisco Small Business Series Switches Buffer Overflow VulnerabilitiesEPSS 11.1%CVE-2024-7463HIGHTOTOLINK CP900 cstecgi.cgi UploadCustomModule buffer overflowEPSS 11.0%CVE-2020-15069CRITICALSophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientlesEPSS 10.7%KEV