CWE-131
205 CVEs • Abstraction: Base • Likelihood of Exploit: High
Incorrect Calculation of Buffer Size
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
CVEs (205)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Apple Cyrusimap3Cyrus Sasl Mac Os XMac Os X ServerApr 16, 2026 Dec 18, 2002 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) charact...Show more |
2Debian Sudo Project2Debian Linux SudoApr 16, 2026 May 16, 2002 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly...Show more |
1Microsoft 1Internet Information Server Apr 16, 2026 Jun 27, 2001 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. |
3Hp OracleSgi3Hp Ux IrixSolarisApr 16, 2026 Jun 18, 2001 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. |
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. |