CWE-131
205 CVEs • Abstraction: Base • Likelihood of Exploit: High
Incorrect Calculation of Buffer Size
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
CVEs (205)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additiona...Show more |
In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additiona...Show more |
3Debian FedoraprojectSysstat Project3Debian Linux FedoraSysstatJun 17, 2026 Nov 8, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocat...Show more |
2Linux Netapp7Active Iq Unified Manager H300s FirmwareH410c Firmware+4 moreJun 17, 2026 Nov 4, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote p...Show more |
In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not need...Show more |
1Qualcomm 30Qca6391 Firmware Qcm6490 FirmwareQcs6490 Firmware+27 moreJun 17, 2026 Sep 2, 2022 N/A· v4 8.4 HIGH· v3 N/A· v2 Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. |
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise...Show more |
5Debian FedoraprojectLinux+2 more9Debian Linux Enterprise LinuxFedora+6 moreJun 17, 2026 Aug 22, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This f...Show more |
1Rti 2Connext Professional Connext SecureJun 17, 2026 May 5, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow. |
All versions of GurumDDS improperly calculate the size to be used when allocating the buffer, which may result in a buffer overflow. |
A memory corruption vulnerability exists in the ioca_mys_rgb_allocate functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to an arbitrary free. An attacker can provide a malicious file...Show more |
3Debian QemuRedhat3Debian Linux Enterprise LinuxQemuJun 17, 2026 Apr 29, 2022 N/A· v4 8.2 HIGH· v3 4.6 MEDIUM· v2 A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. Th...Show more |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in...Show more |
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability. |
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability. |
Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by exploiting a heap overflo...Show more |
3Arm DebianSiemens8Debian Linux Logo! Cmr2020 FirmwareLogo! Cmr2040 Firmware+5 moreJun 17, 2026 Aug 23, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to de...Show more |
There is an Incorrect Calculation of Buffer Size Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause kernel exceptions with the code. |
There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses. |