CWE-131 · Incorrect Calculation of Buffer Size

203 CVEs classified under CWE-131 (Incorrect Calculation of Buffer Size).

Top CVEs for CWE-131
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2024-23622 | Critical | 10.0 | 2024-01-26 | A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerabilit… |
| CVE-2024-23621 | Critical | 10.0 | 2024-01-26 | A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve… |
| CVE-2026-52955 | Critical | 9.8 | 2026-06-24 | In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crush_decode() A message of type CEPH_MSG_… |
| CVE-2026-49841 | Critical | 9.8 | 2026-06-09 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on… |
| CVE-2026-43501 | Critical | 9.8 | 2026-05-21 | In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows ipv6_rpl_srh_rcv() decomp… |
| CVE-2026-41676 | Critical | 9.8 | 2026-04-24 | rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive (and PkeyCtxRef::derive) sets len = b… |
| CVE-2026-1949 | Critical | 9.8 | 2026-04-24 | Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT request handler of the web service. |
| CVE-2026-27820 | Critical | 9.8 | 2026-04-16 | zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vuln… |
| CVE-2026-39892 | Critical | 9.8 | 2026-04-08 | cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffe… |
| CVE-2026-20911 | Critical | 9.8 | 2026-04-07 | A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted mali… |
| CVE-2026-31806 | Critical | 9.8 | 2026-03-13 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent… |
| CVE-2026-1188 | Critical | 9.8 | 2026-01-29 | In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor features was not accounti… |
| CVE-2025-66216 | Critical | 9.8 | 2025-11-29 | AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-… |
| CVE-2025-1861 | Critical | 9.8 | 2025-03-30 | In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an… |
| CVE-2024-23606 | Critical | 9.8 | 2024-02-20 | An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A special… |
| CVE-2023-5941 | Critical | 9.8 | 2023-11-08 | In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not c… |
| CVE-2023-24819 | Critical | 9.8 | 2023-04-24 | RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 20… |
| CVE-2022-33211 | Critical | 9.8 | 2023-04-13 | memory corruption in modem due to improper check while calculating size of serialized CoAP message |
| CVE-2021-21824 | Critical | 9.8 | 2021-06-11 | An out-of-bounds write vulnerability exists in the JPG Handle_JPEG420 functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to… |
| CVE-2021-0254 | Critical | 9.8 | 2021-04-22 | A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially craf… |