Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-120
Total 1596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-22129 1 Fortinet 1 Fortimail 2021-07-12 6.5 MEDIUM 8.8 HIGH
Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests.
CVE-2021-36148 1 Linux 1 Acrn 2021-07-08 6.8 MEDIUM 7.8 HIGH
An issue was discovered in ACRN before 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer overflow.
CVE-2020-24474 1 Intel 46 Baseboard Management Controller Firmware, Compute Module Hns2600bpb24r, Compute Module Hns2600bpbr and 43 more 2021-07-01 5.2 MEDIUM 8.0 HIGH
Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2021-34185 1 Miniaudio Project 1 Miniaudio 2021-07-01 6.8 MEDIUM 7.8 HIGH
Miniaudio 0.10.35 has an integer-based buffer overflow caused by an out-of-bounds left shift in drwav_bytes_to_u32 in miniaudio.h
CVE-2020-4609 1 Ibm 1 Security Verify Privilege Manager 2021-06-29 4.6 MEDIUM 7.8 HIGH
IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917.
CVE-2021-21282 1 Contiki-ng 1 Contiki-ng 2021-06-24 7.5 HIGH 9.8 CRITICAL
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG 4.5. Users can apply the patch for this vulnerability out-of-band as a workaround.
CVE-2021-21281 1 Contiki-ng 1 Contiki-ng 2021-06-24 7.5 HIGH 9.8 CRITICAL
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions prior to 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet with a data offset that is unvalidated. The problem has been patched in Contiki-NG 4.6. Users can apply the patch for this vulnerability out-of-band as a workaround.
CVE-2021-33185 1 Serenityos 1 Serenityos 2021-06-22 5.0 MEDIUM 7.5 HIGH
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-31663 1 Riot-os 1 Riot 2021-06-22 5.0 MEDIUM 7.5 HIGH
RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31660 1 Riot-os 1 Riot 2021-06-22 5.0 MEDIUM 7.5 HIGH
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31662 1 Riot-os 1 Riot 2021-06-22 5.0 MEDIUM 7.5 HIGH
RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31661 1 Riot-os 1 Riot 2021-06-22 5.0 MEDIUM 7.5 HIGH
RIOT-OS 2021.01 before commit 609c9ada34da5546cffb632a98b7ba157c112658 contains a buffer overflow that could allow attackers to obtain sensitive information.
CVE-2021-31664 1 Riot-os 1 Riot 2021-06-22 5.0 MEDIUM 7.5 HIGH
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2020-6994 1 Belden 14 Hirschmann Eagle20, Hirschmann Eagle30, Hirschmann Embedded Ethernet Switch and 11 more 2021-06-17 7.5 HIGH 9.8 CRITICAL
A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. The following devices using HiOS Version 07.0.02 and lower are affected: RSP, RSPE, RSPS, RSPL, MSP, EES, EES, EESX, GRS, OS, RED. The following devices using HiSecOS Version 03.2.00 and lower are affected: EAGLE20/30.
CVE-2021-0101 1 Intel 2 Efi Bios 7215, Server Board M10jnp2sb 2021-06-17 5.8 MEDIUM 8.8 HIGH
Buffer overflow in the BMC firmware for Intel(R) Server BoardM10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.
CVE-2021-30475 2 Aomedia, Fedoraproject 2 Aomedia, Fedora 2021-06-17 7.5 HIGH 9.8 CRITICAL
aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow.
CVE-2021-25408 2 Google, Samsung 5 Android, Exynos 2100, Exynos 980 and 2 more 2021-06-16 4.6 MEDIUM 7.8 HIGH
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution.
CVE-2020-11292 1 Qualcomm 354 Apq8009, Apq8009 Firmware, Apq8009w and 351 more 2021-06-14 7.2 HIGH 7.8 HIGH
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2009-0948 1 Apple 1 Files 2021-06-10 7.5 HIGH 9.8 CRITICAL
Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.
CVE-2021-3438 2 Hp, Samsung 382 Color Laser 150 4zb94a, Color Laser 150 4zb95a, Color Laser Mfp 170 4zb96a and 379 more 2021-06-08 4.6 MEDIUM 7.8 HIGH
A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.