CWE-120 未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出) 类弱点 1857 条 CVE 漏洞汇总,含 AI 中文分析。
CWE-120 即经典缓冲区溢出,属于内存安全漏洞。当程序将输入数据复制到输出缓冲区时,若未验证输入大小是否超出目标容量,会导致内存越界写入。攻击者利用此缺陷可覆盖相邻内存数据,进而执行恶意代码或导致系统崩溃。开发者应严格校验输入长度,使用安全的边界检查函数,并确保目标缓冲区足够大,从而从根本上杜绝此类风险。
char last_name[20]; printf ("Enter your last name: "); scanf ("%s", last_name);void manipulate_string(char * string){ char buf[24]; strcpy(buf, string); ... }| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2025-11698 | ControlLogix/CompactLogix 缓冲区溢出漏洞 — CompactLogix® 5380 Recovery Image Compact GuardLogix® 5380 Recovery Image CompactLogix® 5480 Recovery Image ControlLogix® 5580 Recovery Image GuardLogix® 5580 Recovery Image | - | - | 2026-07-14 |
| CVE-2025-12012 | CompactLogix 等控制器缓冲区溢出漏洞 — CompactLogix® 5370 Compact GuardLogix® 5370 ControlLogix® 5570 GuardLogix® 5570 | - | - | 2026-07-14 |
| CVE-2025-12011 | 罗克韦尔自动化控制器缓冲区溢出漏洞 — CompactLogix® 5370 Compact GuardLogix® 5370 ControlLogix® 5570 GuardLogix® 5570 | - | - | 2026-07-14 |
| CVE-2025-8412 | VMDP:RtlQueryRegistryValues函数潜在缓冲区溢出漏洞 — Virtual Machine Driver Pack | - | - | 2026-07-14 |
| CVE-2026-15543 | Tenda CH22 CertListInfo 缓冲区溢出漏洞 — CH22 | 8.8 | High | 2026-07-13 |
| CVE-2026-15484 | TRENDnet TEW-821DAP 缓冲区溢出漏洞 — TEW-821DAP | 8.8 | High | 2026-07-12 |
| CVE-2026-15483 | TRENDnet TEW-821DAP 缓冲区溢出漏洞 — TEW-821DAP | 8.8 | High | 2026-07-12 |
| CVE-2026-29009 | U-Boot 缓冲区错误漏洞 — u-boot | 8.2 | High | 2026-07-08 |
| CVE-2026-57246 | Foxit PDF Editor 缓冲区错误漏洞 — Foxit PDF Editor | 7.8 | High | 2026-07-08 |
| CVE-2026-8247 | WatchGuard fireware 缓冲区错误漏洞 — Fireware OS | - | - | 2026-07-02 |
| CVE-2026-57278 | GeoVision GeoWebPlayer 缓冲区错误漏洞 — GeoWebPlayer | 8.3 | High | 2026-07-02 |
| CVE-2026-57277 | GeoVision GeoWebPlayer 缓冲区错误漏洞 — GeoWebPlayer | 8.3 | High | 2026-07-02 |
| CVE-2026-57276 | GeoVision GeoWebPlayer 缓冲区错误漏洞 — GeoWebPlayer | 8.3 | High | 2026-07-02 |
| CVE-2026-57275 | GeoVision GeoWebPlayer 缓冲区错误漏洞 — GeoWebPlayer | 8.3 | High | 2026-07-02 |
| CVE-2026-57274 | GeoVision GeoWebPlayer 缓冲区错误漏洞 — GeoWebPlayer | 8.3 | High | 2026-07-02 |
| CVE-2026-57273 | GeoVision GeoWebPlayer 缓冲区错误漏洞 — GeoWebPlayer | 8.3 | High | 2026-07-02 |
| CVE-2026-20243 | Cisco Secure Endpoint 缓冲区错误漏洞 — Cisco Secure Endpoint | 7.5 | High | 2026-07-01 |
| CVE-2026-20244 | Cisco Secure Endpoint 缓冲区错误漏洞 — Cisco Secure Endpoint | 7.5 | High | 2026-07-01 |
| CVE-2026-20215 | Cisco Secure Endpoint 缓冲区错误漏洞 — Cisco Secure Endpoint | 7.5 | High | 2026-07-01 |
| CVE-2026-20217 | Cisco Secure Endpoint 缓冲区错误漏洞 — Cisco Secure Endpoint | 7.5 | High | 2026-07-01 |
| CVE-2026-20213 | Cisco Secure Endpoint 缓冲区错误漏洞 — Cisco Secure Endpoint | 7.5 | High | 2026-07-01 |
| CVE-2026-20214 | Cisco Secure Endpoint 缓冲区错误漏洞 — Cisco Secure Endpoint | 7.5 | High | 2026-07-01 |
| CVE-2026-6688 | ChaN FatFs 缓冲区错误漏洞 — FatFs | 7.6 | High | 2026-07-01 |
| CVE-2026-13583 | edimax ew-7478apc 缓冲区错误漏洞 — EW-7478APC | 8.8 | High | 2026-06-29 |
| CVE-2026-13582 | edimax ew-7478apc 缓冲区错误漏洞 — EW-7478APC | 8.8 | High | 2026-06-29 |
| CVE-2026-13580 | edimax ew-7478apc 缓冲区错误漏洞 — EW-7478APC | 8.8 | High | 2026-06-29 |
| CVE-2026-13562 | Edimax ew-7478apc 缓冲区错误漏洞 — EW-7478APC | 8.8 | High | 2026-06-29 |
| CVE-2026-48706 | Envoy Proxy Envoy 缓冲区错误漏洞 — envoy | 5.9 | Medium | 2026-06-26 |
| CVE-2026-57874 | GeoVision GV-LPC2011 缓冲区错误漏洞 — GV-LPCLPC2011/2211 | 7.5 | High | 2026-06-26 |
| CVE-2026-12246 | NLnet Labs NSD 缓冲区错误漏洞 — NSD | - | - | 2026-06-25 |
CWE-120(未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)) 是常见的弱点类别,本平台收录该类弱点关联的 1857 条 CVE 漏洞。