CWE-120: Buffer Copy without Size Check
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Yearly Trend
Top Affected Vendors
All Buffer Copy without Size Check CVEs (1,256)
A buffer overflow vulnerability in RethinkDB's cJSON parsing module allows attackers to execute arbitrary code or crash the database service by sendin...
Jan 27, 2026This CVE describes a classic buffer overflow vulnerability in dlib's zlib modules that allows attackers to write data beyond allocated buffer boundari...
Jan 27, 2026This CVE describes a classic buffer overflow vulnerability in the zlib modules of tildearrow furnace software, specifically in the inflate.C file. An ...
Jan 27, 2026Multiple buffer overflow vulnerabilities in the Admin UI of EZCast Pro II allow attackers to crash the program and potentially execute arbitrary code ...
Jan 27, 2026A stack-based buffer overflow vulnerability in ArduinoCore-avr allows attackers to trigger memory corruption by passing large decimalPlaces values whe...
Jan 21, 2026A classic buffer overflow vulnerability in RethinkDB allows attackers to write data beyond allocated memory boundaries by providing oversized input. T...
Dec 9, 2025About Buffer Copy without Size Check (CWE-120)
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Our database tracks 1,256 CVEs classified as CWE-120, with 404 rated critical and 682 rated high severity. The average CVSS score for Buffer Copy without Size Check vulnerabilities is 8.2.
External reference: View CWE-120 on MITRE CWE →
Monitor Buffer Copy without Size Check Vulnerabilities
Get alerted when new Buffer Copy without Size Check CVEs affect your infrastructure.
Start Monitoring Free