CWE-130

Improper Handling of Length Parameter Inconsistency

Parent: CWE-240 - Improper Handling of Inconsistent Structural Elements

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

86 vulnerabilities with CWE-130
CVE-2021-36373 MEDIUM
Apache Ant <1.9.16, 1.10.11 - Memory Corruption
CVSS 5.5
CVE-2021-36090 HIGH
Compress - Memory Corruption
CVSS 7.5
CVE-2021-35517 HIGH
Compress - Memory Corruption
CVSS 7.5
CVE-2021-35516 HIGH
Compress - Memory Corruption
CVSS 7.5
CVE-2021-20588 HIGH
Mitsubishi Electric FA Engineering Software - Buffer Overflow
CVSS 7.5
CVE-2020-10065 LOW
Zephyr < 1.14.2 - Out-of-Bounds Write
CVSS 3.8
CVE-2020-8927 MEDIUM
Google Brotli < 1.0.8 - Buffer Overflow
CVSS 5.3
CVE-2020-16224 MEDIUM
PICiX <C.03 - Buffer Overflow
CVSS 6.5
CVE-2019-0055 HIGH
Juniper Junos - Denial of Service
CVSS 7.5
CVE-2019-3862 HIGH
Libssh2 < 1.8.1 - Denial of Service
CVSS 7.3
CVE-2018-5453 HIGH
Moxa OnCell G3100-HSPA <1.4 Build 16062919 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 86
Links
MITRE CWE Entry Search this CWE With Exploits