CWE-131

High likelihood

Incorrect Calculation of Buffer Size

Parent: CWE-682 - Incorrect Calculation

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

182 vulnerabilities with CWE-131
CVE-2024-46684 MEDIUM
Linux Kernel 6.10-6.10.8 - Denial of Service via Incorrect AUXV Buffer Size Calculation
CVSS 5.5
CVE-2024-39808 MEDIUM
Controller 6000/7000 <9.10.240816a-8.80 - DoS
CVSS 4.6
CVE-2024-45287 HIGH
FreeBSD 13.0-13.2 - Integer Overflow in libnv Structure Parsing
CVSS 7.5
CVE-2024-43843 HIGH
Linux Kernel 6.8-6.10.2 - Out-of-Bounds Write via BPF Trampoline Image Preparation
CVSS 7.8
CVE-2024-42259 MEDIUM
Linux Kernel 4.9-6.10.4 - DRM i915 GEM Buffer Overflow
CVSS 5.5
CVE-2024-5000 HIGH
CODESYS Control SL < 4.12.0.0 - Unauthenticated Denial of Service via OPC UA Request
CVSS 7.5
CVE-2024-30405 HIGH
Juniper Junos OS SRX 5000 Series DoS via Crafted Packets with ALGs Enabled
CVSS 7.5
CVE-2024-26752 MEDIUM
Linux Kernel Buffer Overflow via Incorrect Transport Header Length Calculation
CVSS 5.5
CVE-2024-26721 MEDIUM
Linux Kernel 6.7-6.7.5 - Incorrect Buffer Size Calculation in i915 DSC PPS Register Address
CVSS 5.5
CVE-2024-27237 MEDIUM
Google Android - Information Disclosure
CVSS 5.5
CVE-2024-23606 CRITICAL
libbiosig 2.5.0 and Master Branch - Out-of-Bounds Write via Crafted .famos File
CVSS 9.8
CVE-2024-23805 HIGH
F5 BIG-IP Advanced WAF and ASM 15.1.0-15.1.9 - Denial of Service via HTTP Analytics Profile with URLs Enabled
CVSS 7.5
CVE-2024-23622 CRITICAL
IBM Merge eFilm Workstation < 4.2 - Unauthenticated Stack-Based Buffer Overflow in License Server
CVSS 10.0
CVE-2024-23621 CRITICAL
IBM Merge eFilm Workstation < 4.2 - Unauthenticated Remote Code Execution via License Server Buffer Overflow
CVSS 10.0
CVE-2023-52558 HIGH
OpenBSD < 7.3 - Denial of Service via Network Buffer Split Handling
CVSS 7.5
CVE-2023-52557 HIGH
OpenBSD < 7.3 - Denial of Service via L2TP AVP Length Mismatch
CVSS 7.5
CVE-2023-50736 CRITICAL
Lexmark various - Remote Code Execution via PostScript Interpreter
CVSS 9.0
CVE-2023-6387 HIGH
Gecko SDK < 4.4.0 - Buffer Overflow in Bluetooth LE HCI CPC Sample Application
CVSS 7.5
CVE-2023-6780 MEDIUM
glibc 2.37-2.38 - Heap-Based Buffer Overflow in __vsyslog_internal
CVSS 5.3
CVE-2023-5941 CRITICAL
FreeBSD < 12.4-RELEASE-p7 and 13.2-RELEASE < 13.2-RELEASE-p5 - Heap Buffer Overflow in stdio __sflush()
CVSS 9.8
CVE-2023-45871 HIGH
Linux kernel <6.5.3 - Buffer Overflow
CVSS 7.5
CVE-2023-4257 HIGH
Zephyr Project Zephyr - Buffer Overflow in WiFi Shell
CVSS 7.6
CVE-2023-20798 MEDIUM
Android - Out-of-bounds Read in PDA Component
CVSS 4.4
CVE-2023-36824 HIGH
Redis 7.0.0-7.0.11 - Authenticated Heap Overflow via COMMAND GETKEYS
CVSS 7.4
CVE-2023-30575 MEDIUM
Apache Guacamole <1.5.1 - Code Injection
CVSS 6.5