CWE-131

High likelihood

Incorrect Calculation of Buffer Size

Parent: CWE-682 - Incorrect Calculation

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

182 vulnerabilities with CWE-131
CVE-2026-21503 MEDIUM
iccDEV < 2.3.1.2 - Denial of Service via Null Pointer in CIccTagSparseMatrixArray
CVSS 6.1
CVE-2025-33216 MEDIUM
NVIDIA SNAP-4 Container < 4.9.0 and < 4.5.5 - Denial of Service via Crafted Configuration
CVSS 6.8
CVE-2025-33124 MEDIUM
IBM DB2 Merge Backup 12.1.0.0 - Authenticated Denial of Service via Buffer Size Calculation
CVSS 6.5
CVE-2025-62550 HIGH
Azure Monitor Agent < 1.35.9 - Authenticated Remote Code Execution via Out-of-Bounds Write
CVSS 8.8
CVE-2025-66216 CRITICAL
AIS-catcher <0.64 - Buffer Overflow
CVSS 9.8
CVE-2025-61661 MEDIUM
GNU grub2 < 2.14 - Denial of Service via USB Device String Conversion
CVSS 4.8
CVE-2025-27074 HIGH
Product <Version - Memory Corruption
CVSS 8.8
CVE-2025-33126 MEDIUM
IBM DB2 High Performance Unload - DoS
CVSS 6.5
CVE-2025-27053 HIGH
Qualcomm Mobile and Modem Firmware - Memory Corruption in PlayReady APP
CVSS 7.8
CVE-2025-57807 LOW
ImageMagick < 6.9.13-29 - Heap-Based Buffer Overflow via SeekBlob and WriteBlob Functions
CVSS 3.8
CVE-2025-55297 HIGH
espressif/esp-idf < 5.0.9 - Buffer Overflow in BluFi Example
CVSS 8.8
CVE-2025-52955 MEDIUM
Juniper Junos OS and Junos OS Evolved - Unauthenticated Denial of Service via rpd Memory Corruption
CVSS 6.5
CVE-2025-27042 HIGH
Qualcomm Firmware - Memory Corruption
CVSS 7.8
CVE-2025-46723 HIGH
OpenVM 1.0.0 - Buffer Overflow via AUIPC PC Limb Decomposition
CVE-2025-46688 MEDIUM
QuickJS <2025-04-26 - Buffer Overflow
CVSS 5.6
CVE-2025-46393 LOW
ImageMagick <7.1.1-44 - Buffer Overflow
CVSS 2.9
CVE-2025-43965 LOW
ImageMagick <7.1.1-44 - Info Disclosure
CVSS 2.9
CVE-2025-1861 CRITICAL
PHP <8.1.32, <8.2.28, <8.3.19, <8.4.5 - Info Disclosure
CVSS 9.8
CVE-2025-30334 MEDIUM
OpenBSD < 7.5 - Denial of Service via wg(4) Traffic Handling
CVSS 6.5
CVE-2025-0395 MEDIUM
GNU C Library <2.41 - Buffer Overflow
CVSS 6.2
CVE-2024-11425 HIGH
Schneider Electric Modicon M580 CPU - Unauthenticated Denial of Service via Crafted HTTPS Packet
CVSS 7.5
CVE-2024-8361 HIGH
WiSeConnect SDK < 3.3.4 - Denial of Service via SHA2/224 Hash Length Mismatch
CVSS 7.5
CVE-2024-49776 MEDIUM
tsMuxer nightly-2024-04-05-01-53-02 - DoS
CVSS 6.5
CVE-2024-28052 MEDIUM
Level1 WBR-6012 Firmware - Buffer Overflow via Incorrect Buffer Size Calculation
CVSS 5.3
CVE-2024-46729 HIGH
Linux Kernel 4.15-6.10.8 - Buffer Overflow in AMD Display DRM Driver
CVSS 7.8