CWE-120 · Buffer Copy without Checking Size of Input (Classic Buffer Overflow)

4276 CVEs classified under CWE-120 (Buffer Copy without Checking Size of Input (Classic Buffer Overflow)). Browse by severity and year.

Top CVEs for CWE-120
CVESeverityScorePublishedSummary
CVE-2026-4689Critical10.02026-03-24Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34…
CVE-2025-48611Critical10.02026-03-10In DeviceId of DeviceId.java, there is a possible desync in persistence due to a missing bounds check. This could lead to local escalation of privilege with no…
CVE-2024-36290Critical10.02025-01-14A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can l…
CVE-2024-25139Critical10.02024-03-14In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After h…
CVE-2024-22039Critical10.02024-03-12A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Ce…
CVE-2024-23621Critical10.02024-01-26A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve…
CVE-2024-23616Critical10.02024-01-26A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability…
CVE-2024-23615Critical10.02024-01-26A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to a…
CVE-2024-23614Critical10.02024-01-26A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to ac…
CVE-2024-23613Critical10.02024-01-26A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit…
CVE-2023-1424Critical10.02023-05-24Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELS…
CVE-2021-33975Critical10.02023-04-19Buffer Overflow vulnerability in Qihoo 360 Total Security v10.8.0.1060 and v10.8.0.1213 allows attacker to escalate privileges.
CVE-2021-33972Critical10.02023-04-19Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges.
CVE-2023-24482Critical10.02023-02-14A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33)…
CVE-2022-32548Critical10.02022-08-29An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via t…
CVE-2022-22683Critical10.02022-07-28Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote…
CVE-2022-31481Critical10.02022-06-06An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. This vulnerability impacts products based on HID…
CVE-2022-22570Critical10.02022-04-01A buffer overflow vulnerability found in the UniFi Door Access Reader Lite’s (UA Lite) firmware (Version 3.8.28.24 and earlier) allows a malicious actor who ha…
CVE-2017-16740Critical10.02018-01-09A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-…
CVE-2025-20333Critical9.92025-09-25A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Softwa…