CWE-120 - Buffer overflow

Description

A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold, or when a program attempts to put data in a memory area outside of the boundaries of a buffer.
The simplest type of error, and the most common cause of buffer overflows, is the "classic" case in which the program copies the buffer without restricting how much is copied.
Buffer overflows can be used for bypassing security services, causing program crashes and arbitrary code execution. The weakness is introduced during Implementation stage.

Latest vulnerabilities for CWE-120

Multiple vulnerabilities in Google Android 2024-05-07
Medium Yes

Multiple vulnerabilities in Qualcomm chipsets 2024-05-07
Medium Yes

Multiple vulnerabilities in Dell Networking OS10 2024-04-23
High Yes

Multiple vulnerabilities in IBM Watson Discovery Cartridge for IBM Cloud Pak for Data 2024-04-23
High Yes

Multiple vulnerabilities in Google Pixel 2024-04-03
High Yes

Multiple vulnerabilities in Google Android 2024-04-01
High Yes

Multiple vulnerabilities in Qualcomm chipsets 2024-04-01
High Yes

Multiple vulnerabilities in FreeImage 2024-03-11
Medium No

Multiple vulnerabilities in IBM Maximo Application Suite 2024-03-08
High Yes

Multiple vulnerabilities in Google Android 2024-03-04
High Yes

References

Description of CWE-120 on Mitre website