Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-789

CWE-789

Memory Allocation with Excessive Size Value

Parent: CWE-770 - Allocation of Resources Without Limits or Throttling

The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

153 vulnerabilities with CWE-789

CVE-2021-47973 HIGH

Sticky Notes Widget 3.0.6 Denial of Service via Buffer Overflow

CVE-2021-47972 HIGH

Sticky Notes & Color Widgets 1.4.2 Denial of Service

CVE-2021-47971 HIGH

My Notes Safe 5.3 Denial of Service via Buffer Overflow

CVE-2021-47970 HIGH

Macaron Notes 5.5 Denial of Service via Buffer Overflow

CVE-2021-47969 HIGH

Color Notes 1.4 Denial of Service via Long Character String

CVE-2021-47944 HIGH

memono Notepad 4.2 Denial of Service via Buffer Overflow

CVE-2021-34869 HIGH

Parallels Desktop <16.1.3-49160 - Privilege Escalation

CVE-2021-34868 HIGH

Parallels Desktop <16.1.3-49160 - Privilege Escalation

CVE-2021-34867 HIGH

Parallels Desktop 16.1.3-49160 - Privilege Escalation

CVE-2021-34854 HIGH

Parallels Desktop 16.1.3 - Privilege Escalation via Toolgate Uncontrolled Memory Allocation

CVE-2021-1568 MEDIUM

Cisco AnyConnect Secure Mobility Client < 4.10.01075 - Authenticated Denial of Service via Crafted File Copy

CVE-2021-31811 MEDIUM

Apache PDFBox 2.0.0-2.0.23 - Denial of Service via Crafted PDF File

CVE-2021-27906 MEDIUM

Apache PDFBox <2.0.22 - Memory Corruption

CVE-2021-1283 MEDIUM

Cisco Data Center Network Manager < 11.5(1) - Authenticated Sensitive Information Exposure in System Log Files

CVE-2020-24685 HIGH

ABB AC500 CPU Firmware < 2.8.5 - Unauthenticated Denial of Service via Crafted Network Packet

CVE-2020-3596 MEDIUM

Cisco Expressway and TelePresence VCS < 12.6.3 - Unauthenticated Denial of Service via SIP Traffic

CVE-2020-5303 LOW

Tendermint < 0.31.12, 0.33.0-0.33.3 - Denial of Service via P2P Connection Request Flood

CVE-2020-8552 MEDIUM

Kubernetes <1.15.9, 1.16.0-1.16.6, 1.17.0-1.17.2 - DoS

CVE-2020-8551 MEDIUM

Kubernetes 1.15.0-1.15.9, 1.16.0-1.16.6, 1.17.0-1.17.2 - Denial of Service via Kubelet API

CVE-2018-25378 MEDIUM

Notebook Pro 2.0 Denial of Service via Notebook Name Field

CVE-2018-25368 HIGH

Nord VPN 6.14.31 Denial of Service via Password Field

CVE-2018-25295 MEDIUM

ObserverIP Scan Tool 1.4.0.1 Denial of Service via IP Field

CVE-2018-25279 MEDIUM

jiNa OCR Image to Text 1.0 Denial of Service via PNG

CVE-2018-25274 MEDIUM

InfraRecorder 0.53 Denial of Service via txt File Import

CVE-2018-12541 MEDIUM

Eclipse Vert.x <3.5.3 - Memory Corruption

Previous Page 6 of 7 Next

Details

Vulnerabilities 153

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy