Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-130

CWE-130

Improper Handling of Length Parameter Inconsistency

Parent: CWE-240 - Improper Handling of Inconsistent Structural Elements

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

93 vulnerabilities with CWE-130

CVE-2025-8531 MEDIUM

Mitsubishi Electric MELSEC-Q Series - Buffer Overflow

CVE-2025-10458 HIGH

Zephyr < 4.1.0 - Improper Handling of Length Parameter Inconsistency

CVE-2025-26432 MEDIUM

Android - Denial of Service via Missing Length Check

CVE-2025-5514 MEDIUM

Mitsubishi Electric MELSEC iQ-F Series - DoS

CVE-2025-54646 MEDIUM

Huawei EMUI and HarmonyOS - Denial of Service via BLE Packet Length Check

CVE-2025-52949 MEDIUM

Juniper Junos OS and Junos OS Evolved - Denial of Service via Malformed BGP Packet in rpd

CVE-2025-53604 MEDIUM

web-push < 0.10.3 - Denial of Service via Large Content-Length Header

CVE-2025-23247 MEDIUM

NVIDIA CUDA Toolkit - Buffer Overflow

CVE-2025-29784 HIGH

NamelessMC < 2.2.0 - Denial of Service via Forum Search Parameter Length

CVE-2025-29931 LOW

TeleControl Server Basic < V3.1.2.2 - Memory Corruption

CVE-2025-30659 HIGH

Juniper Junos OS SRX Series DoS via Malformed SVR Packet

CVE-2025-32366 MEDIUM

ConnMan < 1.44 - Information Disclosure via DNS Response Parsing

CVE-2024-53856 HIGH

rPGP < 0.14.1 - Denial of Service via Crafted Data

CVE-2024-47293 MEDIUM

Huawei EMUI and HarmonyOS - Out-of-bounds Write in HAL-WIFI Module

CVE-2024-41991 HIGH

Django 4.2-4.2.14 and 5.0-5.0.7 - Denial of Service via Unicode Character Input

CVE-2024-41990 HIGH

Django 4.2-4.2.14 and 5.0-5.0.7 - Denial of Service via urlize() and urlizetrunc() Template Filters

CVE-2024-42460 MEDIUM

elliptic 2.0.0-6.5.6 - ECDSA Signature Malleability via Missing Leading Zero Check

CVE-2024-20416 MEDIUM

Cisco Small Business RV Series Router Firmware - Authenticated RCE via HTTP Request Boundary Check Bypass

CVE-2024-39614 HIGH

Django 4.2-4.2.13 and 5.0-5.0.6 - Denial of Service in get_supported_language_variant()

CVE-2024-38875 HIGH

Django 4.2-4.2.13 and 5.0-5.0.6 - Denial of Service via urlize and urlizetrunc Bracket Handling

CVE-2024-38011 HIGH

Windows 10 1507-22H2, Windows 11 21H2-23H2, Windows Server 2012-2022 - Secure Boot Security Feature Bypass

CVE-2024-38010 HIGH

Windows 10 1507-22H2, Windows 11 21H2-23H2, Windows Server 2012-2022 - Secure Boot Security Feature Bypass

CVE-2024-37989 HIGH

Windows 10 1507-22H2, Windows 11 21H2-23H2, Windows Server 2012-2022 - Secure Boot Security Feature Bypass

CVE-2024-37988 HIGH

Windows 10 1507-22H2, Windows 11 21H2-23H2, Windows Server 2012-2022 - Secure Boot Security Feature Bypass

CVE-2024-37305 HIGH

oqs-provider < 0.6.1 - Buffer Overflow via DECODE_UINT32 Length Handling

Previous Page 2 of 4 Next

Details

Vulnerabilities 93

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy