CWE-130 · Improper Handling of Length Parameter Inconsistency
98 CVEs classified under CWE-130 (Improper Handling of Length Parameter Inconsistency). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-43125 | Critical | 9.8 | 2026-05-06 | In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is n… |
CVE-2026-41898 | Critical | 9.8 | 2026-04-24 | rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk… |
CVE-2022-2714 | Critical | 9.8 | 2022-09-06 | Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0. |
CVE-2026-42216 | Critical | 9.1 | 2026-05-07 | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions… |
CVE-2026-22861 | High | 8.8 | 2026-01-13 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
CVE-2026-22255 | High | 8.8 | 2026-01-08 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
CVE-2026-22047 | High | 8.8 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
CVE-2026-22046 | High | 8.8 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
CVE-2022-1543 | High | 8.8 | 2022-04-29 | Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentar… |
CVE-2026-5367 | High | 8.6 | 2026-04-24 | A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets wit… |
CVE-2022-20870 | High | 8.6 | 2022-10-10 | A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switche… |
CVE-2026-45615 | High | 8.2 | 2026-05-29 | mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c (… |
CVE-2024-37305 | High | 8.2 | 2024-06-17 | oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum… |
CVE-2026-35547 | High | 8.1 | 2026-04-30 | When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to wr… |
CVE-2022-36788 | High | 8.1 | 2023-04-20 | A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially-craf… |
CVE-2024-38011 | High | 8.0 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
CVE-2024-38010 | High | 8.0 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
CVE-2024-37989 | High | 8.0 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
CVE-2024-37988 | High | 8.0 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
CVE-2023-52547 | High | 7.8 | 2024-05-28 | Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker… |