Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-130

CWE-130

Improper Handling of Length Parameter Inconsistency

Parent: CWE-240 - Improper Handling of Inconsistent Structural Elements

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

93 vulnerabilities with CWE-130

CVE-2024-35313 HIGH

Tor Arti < 1.2.3 - Improper Handling of Length Parameter Inconsistency

CVE-2024-29064 MEDIUM

Windows Hyper-V - Denial of Service via Length Parameter Inconsistency

CVE-2024-20685 MEDIUM

Azure Private 5G Core < 2403.0-2 - Denial of Service

CVE-2024-24976 MEDIUM

Open Automation Software OAS Platform <19.00.0057 - DoS

CVE-2023-53157 MEDIUM

rosenpass < 0.2.1 - Denial of Service via One-Byte UDP Packet

CVE-2023-52547 HIGH

Huawei Matebook D16 CREM-WXX9 BIOS v2.26 - Memory Corruption in SMI Handler

CVE-2023-5393 HIGH

Honeywell Experion Server - Stack Overflow and Remote Code Execution via Malformed Hostname Message

CVE-2023-50248 MEDIUM

CKAN <2.9.10-2.10.3 - Memory Corruption

CVE-2023-40167 MEDIUM

Jetty <9.4.52-12.0.1 - Info Disclosure

CVE-2023-33192 HIGH

ntpd-rs 0.3.0-0.3.2 - Denial of Service via NTS Cookie Length Mismatch

CVE-2023-28964 HIGH

Juniper Networks Junos OS/Junos OS Evolved - DoS

CVE-2022-36788 HIGH

libslic3r 1.3.0 and Master Commit b1a5500 - Heap-Based Buffer Overflow via Crafted STL File

CVE-2022-20690 MEDIUM

Cisco ATA 190 Series - Memory Corruption

CVE-2022-20689 MEDIUM

Cisco ATA 190 Series - Memory Corruption

CVE-2022-20686 MEDIUM

Cisco ATA 190/191/192 Firmware - Unauthenticated Remote Code Execution and Denial of Service via LLDP Packet Header

CVE-2022-41586 HIGH

Communication Framework - Info Disclosure

CVE-2022-20870 HIGH

Cisco IOS XE - Denial of Service via Malformed MPLS Egress Packet

CVE-2022-3290 HIGH

GitHub ikus060/rdiffweb <2.4.8 - Info Disclosure

CVE-2022-3272 HIGH

GitHub ikus060/rdiffweb <2.4.8 - Info Disclosure

CVE-2022-2714 CRITICAL

GitHub francoisjacquet/rosariosis <10.0 - Info Disclosure

CVE-2022-1543 HIGH

erudika/scoold <1.49.4 - Memory Corruption

CVE-2022-0677 HIGH

Bitdefender Update Server <3.4.0.276 - DoS

CVE-2022-0618 HIGH

swift-nio-http2 1.0.0-1.19.9 - Denial of Service via Malformed HTTP/2 HEADERS or PUSH_PROMISE Frame

CVE-2022-24666 HIGH

swift-nio-http2 1.0.0-1.19.1 - Denial of Service via Malformed HTTP/2 HEADERS Frame

CVE-2021-27862 MEDIUM

IEEE 802.2 < 802.2h-1997 - Authentication Bypass via LLC/SNAP Header Spoofing

Previous Page 3 of 4 Next

Details

Vulnerabilities 93

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy