CWE-131

High likelihood

Incorrect Calculation of Buffer Size

Parent: CWE-682 - Incorrect Calculation

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

174 vulnerabilities with CWE-131
CVE-2018-14618 HIGH
curl <7.61.1 - Buffer Overflow
CVSS 7.5
CVE-2018-1000224 HIGH
Godot Engine <2.1.5, <3.0.6 - DoS
CVSS 7.5
CVE-2017-13315 HIGH
Android - Privilege Escalation
CVSS 7.8
CVE-2017-13289 HIGH
Android <8.1 - Privilege Escalation
CVSS 7.8
CVE-2017-14934 MEDIUM
GNU Binutils - Denial of Service
CVSS 5.5
CVE-2017-0715 HIGH
Android <7.1.2 - RCE
CVSS 7.8
CVE-2017-0620 HIGH
Android Kernel <3.18 - Privilege Escalation
CVSS 7.0
CVE-2017-0166 HIGH
Windows - Privilege Escalation
CVSS 8.1
CVE-2017-0569 HIGH
Android Kernel <3.18 - Privilege Escalation
CVSS 7.0
CVE-2014-3468
Gnutls < 3.5.7 - Out-of-Bounds Access
CVE-2008-0599 CRITICAL
PHP <5.2.6 - RCE
CVSS 9.8
CVE-2005-3120 CRITICAL
Lynx <2.8.6 - Buffer Overflow
CVSS 9.8
CVE-2005-2103 CRITICAL
Gaim < 1.5.0 - Buffer Overflow
CVSS 9.8
CVE-2005-0490 HIGH
Haxx Curl - Buffer Overflow
CVSS 8.8
CVE-2004-0940 HIGH
Apache <1.3.32 - Buffer Overflow
CVSS 7.8
CVE-2004-0747 HIGH
Apache <2.0.50 - Buffer Overflow
CVSS 7.8
CVE-2004-1363 CRITICAL
Oracle Application Server - Buffer Overflow
CVSS 9.8
CVE-2004-0434 CRITICAL
Heimdal - RCE
CVSS 9.8
CVE-2003-0899 CRITICAL
Acme Thttpd < 2.23 - Buffer Overflow
CVSS 9.8
CVE-2002-1347 CRITICAL
Cyrus SASL library <2.1.9 - Buffer Overflow
CVSS 9.8
CVE-2002-0184 HIGH
Sudo < 1.6.6 - Buffer Overflow
CVSS 7.8
CVE-2001-0334 HIGH
Microsoft Internet Information Server < 5.0 - Denial of Service
CVSS 7.5
CVE-2001-0248 CRITICAL
Hp-ux - Buffer Overflow
CVSS 9.8
CVE-2001-0249 CRITICAL
Solaris 8 - Buffer Overflow
CVSS 9.8
Details
Vulnerabilities 174
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits