CWE-119: Buffer Overflow
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Yearly Trend
Top Affected Vendors
All Buffer Overflow CVEs (1,217)
This vulnerability in the Linux kernel's NFS client implementation allows remote attackers to cause a denial of service through slab-out-of-bounds mem...
Aug 8, 2021This vulnerability in JTEKT Corporation TOYOPUC PLCs allows an attacker to cause a denial of service by sending specially crafted invalid frames to th...
Jul 1, 2021This vulnerability in Cisco SD-WAN vEdge Software allows attackers to execute arbitrary code as root or cause denial of service through buffer overflo...
May 6, 2021This vulnerability in Rust's standard library before version 1.2.0 allows memory safety violations when BinaryHeap operations panic. It affects any Ru...
Apr 11, 2021This vulnerability in Rust's standard library before version 1.51.0 allows memory safety violations when using nested Zip iterators. The bug causes th...
Apr 11, 2021This vulnerability is a memory buffer overflow in Schneider Electric PowerLogic ION series power meters that could allow an attacker to cause denial o...
Mar 11, 2021This vulnerability in Privoxy allows an attacker to cause denial of service by passing invalid patterns to the pcre_compile() function, leading to inv...
Mar 9, 2021A vulnerability in Juniper Networks Junos OS DHCPv6 implementation allows remote attackers to crash the JDHCPD process by sending malformed DHCPv6 pac...
Oct 16, 2020An out-of-bounds read vulnerability in Grassroot DICOM's RLECodec::DecodeByStreams function allows attackers to leak heap memory data by providing a s...
Dec 16, 2025An out-of-bounds read vulnerability in Grassroot DICOM's Overlay::GrabOverlayFromPixelData function allows attackers to leak sensitive information by ...
Dec 16, 2025An out-of-bounds read vulnerability in Grassroot DICOM's JPEGBITSCodec::InternalCode function allows attackers to leak sensitive information by provid...
Dec 16, 2025An out-of-bounds read vulnerability in Grassroot DICOM's JPEGBITSCodec::InternalCode function allows attackers to leak sensitive information by provid...
Dec 16, 2025A local attacker with access to specific files (CECSUB or CECRM) on IBM InfoSphere Data Replication VSAM for z/OS can exploit a stack-based buffer ove...
Oct 7, 2025This vulnerability in macOS allows malicious applications to corrupt coprocessor memory due to insufficient bounds checking. It affects macOS systems ...
Mar 31, 2025A memory corruption vulnerability in ISC DHCP allows attackers to cause denial of service by crashing dhclient or dhcpd processes when they parse mali...
May 26, 2021This vulnerability allows an unauthenticated attacker on the same network segment to execute arbitrary code, leak memory, or cause denial of service o...
Apr 8, 2021This vulnerability allows adjacent attackers to send specially crafted DHCP packets to Juniper EX/QFX Series switches running vulnerable Junos OS vers...
Jan 15, 2021A stack overflow vulnerability in libtiff's readSeparateStripsIntoBuffer function allows attackers to execute arbitrary code or cause denial of servic...
Feb 23, 2026This CVE describes a remote out-of-bounds write vulnerability in Zaher1307's tiny_web_server that could allow attackers to execute arbitrary code or c...
Feb 22, 2026A stack-based buffer overflow vulnerability in Open5GS allows remote attackers to execute arbitrary code or cause denial of service by manipulating th...
Feb 4, 2026A heap-based buffer overflow vulnerability in quickjs-ng's js_typed_array_constructor function allows remote attackers to execute arbitrary code or ca...
Jan 10, 2026This vulnerability allows remote attackers to execute arbitrary code or cause denial of service via a heap-based buffer overflow in the snap7-rs libra...
Dec 30, 2025A stack-based buffer overflow vulnerability in Tenda WH450 routers allows remote attackers to execute arbitrary code by sending specially crafted HTTP...
Dec 22, 2025This vulnerability allows remote attackers to execute arbitrary code or cause denial of service via a heap-based buffer overflow in the snap7-rs libra...
Dec 14, 2025A heap-based buffer overflow vulnerability exists in the snap7-rs library's TSnap7MicroClient::opWriteArea function. This allows remote attackers to e...
Dec 14, 2025CVE-2025-5667 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's REIN command handler that allows remote attackers to execute a...
Jun 5, 2025CVE-2025-5665 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's XCWD command handler that allows remote attackers to execute a...
Jun 5, 2025CVE-2025-5637 is a critical buffer overflow vulnerability in PCMan FTP Server 2.0.7's SYSTEM command handler that allows remote attackers to execute a...
Jun 5, 2025A critical buffer overflow vulnerability in PCMan FTP Server 2.0.7 allows remote attackers to execute arbitrary code or crash the service by sending s...
Jun 5, 2025CVE-2025-5595 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's PROGRESS command handler that allows remote attackers to execu...
Jun 4, 2025A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's HOST command handler allows remote attackers to execute arbitrary code or crash...
Jun 4, 2025A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's PASSIVE command handler allows remote attackers to execute arbitrary code or cr...
Jun 4, 2025CVE-2025-5551 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's SYSTEM command handler that allows remote attackers to execute...
Jun 4, 2025CVE-2025-5549 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's PASV command handler that allows remote attackers to execute a...
Jun 4, 2025A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's CDUP command handler allows remote attackers to execute arbitrary code or crash...
Jun 4, 2025CVE-2025-5357 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's PWD command handler that allows remote attackers to execute ar...
May 30, 2025A critical buffer overflow vulnerability exists in FreeFloat FTP Server 1.0's BYE command handler, allowing remote attackers to execute arbitrary code...
May 30, 2025A critical buffer overflow vulnerability in PCMan FTP Server 2.0.7 allows remote attackers to execute arbitrary code or crash the service by sending s...
May 29, 2025A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0.0 allows remote attackers to execute arbitrary code via the PORT command handler....
May 28, 2025CVE-2025-5221 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0.0's QUOTE command handler that allows remote attackers to execut...
May 27, 2025CVE-2025-5220 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0.0's GET command handler that allows remote attackers to execute ...
May 27, 2025A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0.0 allows remote attackers to execute arbitrary code or crash the service by sendi...
May 27, 2025A critical buffer overflow vulnerability exists in FreeFloat FTP Server 1.0.0's ASCII Command Handler component. This allows remote attackers to execu...
May 27, 2025CVE-2025-5076 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's SEND command handler that allows remote attackers to execute a...
May 22, 2025CVE-2025-5075 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's DEBUG command handler that allows remote attackers to execute ...
May 22, 2025A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0 allows remote attackers to execute arbitrary code or crash the service by sending...
May 22, 2025A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's LS command handler allows remote attackers to execute arbitrary code or crash t...
May 21, 2025CVE-2025-5049 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's APPEND command handler that allows remote attackers to execute...
May 21, 2025A critical buffer overflow vulnerability in PCMan FTP Server 2.0.7 allows remote attackers to execute arbitrary code or crash the service by sending s...
May 18, 2025A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's MLS command handler allows remote attackers to execute arbitrary code or crash ...
May 18, 2025About Buffer Overflow (CWE-119)
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Our database tracks 1,217 CVEs classified as CWE-119, with 142 rated critical and 884 rated high severity. The average CVSS score for Buffer Overflow vulnerabilities is 8.0.
External reference: View CWE-119 on MITRE CWE →
Monitor Buffer Overflow Vulnerabilities
Get alerted when new Buffer Overflow CVEs affect your infrastructure.
Start Monitoring Free