CWE-130 · Improper Handling of Length Parameter Inconsistency

98 CVEs classified under CWE-130 (Improper Handling of Length Parameter Inconsistency).

Top CVEs for CWE-130
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-43125 | Critical | 9.8 | 2026-05-06 | In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is n… |
| CVE-2026-41898 | Critical | 9.8 | 2026-04-24 | rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk… |
| CVE-2022-2714 | Critical | 9.8 | 2022-09-06 | Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0. |
| CVE-2026-42216 | Critical | 9.1 | 2026-05-07 | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions… |
| CVE-2026-22861 | High | 8.8 | 2026-01-13 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
| CVE-2026-22255 | High | 8.8 | 2026-01-08 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
| CVE-2026-22047 | High | 8.8 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
| CVE-2026-22046 | High | 8.8 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
| CVE-2022-1543 | High | 8.8 | 2022-04-29 | Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentar… |
| CVE-2026-5367 | High | 8.6 | 2026-04-24 | A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets wit… |
| CVE-2022-20870 | High | 8.6 | 2022-10-10 | A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switche… |
| CVE-2026-45615 | High | 8.2 | 2026-05-29 | mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c (… |
| CVE-2024-37305 | High | 8.2 | 2024-06-17 | oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum… |
| CVE-2026-35547 | High | 8.1 | 2026-04-30 | When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to wr… |
| CVE-2022-36788 | High | 8.1 | 2023-04-20 | A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially-craf… |
| CVE-2024-38011 | High | 8.0 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-38010 | High | 8.0 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-37989 | High | 8.0 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-37988 | High | 8.0 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2023-52547 | High | 7.8 | 2024-05-28 | Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker… |