Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-130

CWE-130

Improper Handling of Length Parameter Inconsistency

Parent: CWE-240 - Improper Handling of Inconsistent Structural Elements

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

93 vulnerabilities with CWE-130

CVE-2021-27861 MEDIUM

IEEE 802.2 < 802.2h-1997 - Authentication Bypass via LLC/SNAP Header Spoofing

CVE-2021-38445 HIGH

OpenDDS < 3.18.1 - Remote Code Execution via Length Parameter Inconsistency

CVE-2021-43666 HIGH

mbed TLS < 3.0.0 - Denial of Service in mbedtls_pkcs12_derivation

CVE-2021-20610 HIGH

Mitsubishi Electric MELSEC iQ-R - Length Parameter Inconsistency

CVE-2021-26329 MEDIUM

AMD EPYC 7001 Series Firmware < naplespi-sp3_1.0.0.g - Integer Overflow in System Management Unit

CVE-2021-3454 MEDIUM

Zephyr 2.4.0-2.5.9 - Denial of Service via Truncated L2CAP K-frame

CVE-2021-36374 MEDIUM

Apache Ant <1.9.16, 1.10.11 - Memory Corruption

CVE-2021-36373 MEDIUM

Apache Ant <1.9.16, 1.10.11 - Memory Corruption

CVE-2021-36090 HIGH

Apache Commons Compress 1.0-1.20 - Denial of Service via Malicious ZIP Archive

CVE-2021-35517 HIGH

Apache Commons Compress 1.1-1.19 - Denial of Service via Malicious TAR Archive

CVE-2021-35516 HIGH

Apache Commons Compress 1.6-1.19 - Denial of Service via Malicious 7Z Archive

CVE-2021-20588 HIGH

Mitsubishi Electric FA Engineering Software - Buffer Overflow

CVE-2020-10065 LOW

Zephyr < 1.14.2 - Improper Handling of Length Parameter Inconsistency in Bluetooth HCI over SPI

CVE-2020-8927 MEDIUM

Brotli < 1.0.8 - Denial of Service via One-Shot Decompression Buffer Overflow

CVE-2020-16224 MEDIUM

Philips Patient Information Center iX C.02 C.03 - Denial of Service via Length Parameter Inconsistency

CVE-2019-0055 HIGH

Juniper Junos OS - Denial of Service via SIP ALG Packet Processing

CVE-2019-3862 HIGH

libssh2 < 1.8.1 - Out-of-bounds Read via SSH_MSG_CHANNEL_REQUEST Packet Parsing

CVE-2018-5453 HIGH

Moxa OnCell G3100-HSPA <1.4 Build 16062919 - Info Disclosure

Previous Page 4 of 4

Details

Vulnerabilities 93

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy