CVE-2026-21382

CVE-2026-21382 describes a memory corruption issue in a Power Management IC when handling power management requests due to improperly sized input/output buffers. CVSS 3.1 base score 7.8 (HIGH), with LOCAL attack vector, LOW attack complexity, LOW privileges required, and HIGH impact to confidenti...

CVE-2026-24800

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...

CVE-2025-47321

CVE-2025-47321 concerns a memory corruption issue in Qualcomm embedded platform firmware when handling packets from Unix clients. Root cause: inadequate validation of incoming data size during buffer copying, allowing potential arbitrary code execution. Impact: potential local code execution on a...

PT-2025-51556

Name of the Vulnerable Software and Affected Versions Qualcomm embedded platform firmware affected versions not specified Description A memory corruption issue exists when handling packets received from Unix clients. The firmware does not properly validate the size of incoming data during buffer...

PT-2024-5618 · Hewlett Packard · Ami Bios

Name of the Vulnerable Software and Affected Versions: Hewlett-Packard Development Company L.P. AMI BIOS affected versions not specified Description: The issue is related to a buffer copy without checking the size of the input data in the AMI BIOS software of Hewlett-Packard Development Company...

CVE-2023-50362

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...

CVE-2023-41275

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

PT-2023-7779 · Siemens · Opcenter Quality +4

Name of the Vulnerable Software and Affected Versions: Opcenter Execution Foundation versions prior to V2407 Opcenter Quality versions prior to V2312 SIMATIC PCS neo versions prior to V4.1 SINEC NMS versions prior to V2.0 SP1 Totally Integrated Automation Portal TIA Portal V14 Totally Integrated...

CVE-2022-27612

Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in cgi component in Synology Audio Station before 6.5.4-3367 allows remote attackers to execute arbitrary commands via unspecified vectors...

CVE-2021-22802

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector dc.ex...

The vulnerability lies in the implementation of the convert() function or ImagingConvertTransparent(), which is used in the Pillow and PIL image processing libraries. This allows an attacker to cause a denial-of-service attack.

The vulnerability in the implementation of the convert function or ImagingConvertTransparent method of the Pillow and Python Imaging Library for working with images involves copying buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause...