CWE-805— Buffer Access with Incorrect Length Value
19 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-805page 1 of 1
- CVE-2019-19339MEDIUMCVSS 6.5EG 6.52020-01-17
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU…
- CVE-2020-10774MEDIUMCVSS 5.5EG 5.52021-05-27
A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel …
- CVE-2020-14509CRITICALCVSS 9.8EG 9.82020-09-16
Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields. An attacker could send specially crafted packets to exploit these vulnerabilities.
- CVE-2020-16101HIGHCVSS 7.5EG 7.52020-09-15
It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer access. Affected versions are v8.20 prior to v8.20.1166(MR3), v8.10 prior to v8.10.1211(MR5), v8.00 p…
- CVE-2021-31885HIGHCVSS 7.5EG 7.52021-11-09
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BA…
- CVE-2021-3581HIGHCVSS 7.0EG 7.02021-10-05
Buffer Access with Incorrect Length Value in zephyr. Zephyr versions >= >=2.5.0 contain Buffer Access with Incorrect Length Value (CWE-805). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8q…
- CVE-2022-0519HIGHCVSS 7.1EG 7.12022-02-08
Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.
- CVE-2022-1238HIGHCVSS 7.8EG 7.82022-04-06
Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.m…
- CVE-2022-34399MEDIUMCVSS 5.1EG 2.32023-01-18
Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain se…
- CVE-2022-47375HIGHCVSS 7.5EG 7.52023-12-12
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-…
- CVE-2023-20049HIGHCVSS 8.6EG 7.52023-03-09
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-…
- CVE-2023-52557HIGHCVSS 7.5EG 7.52024-03-01
In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length.
- CVE-2023-5396HIGHCVSS 7.4EG 7.42024-04-17
Server receiving a malformed message creates connection for a hostname that may cause a stack overflow resulting in possible remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning.
- CVE-2024-20294MEDIUMCVSS 6.6EG 6.62024-02-29
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. Th…
- CVE-2024-24851HIGHCVSS 7.5EG 7.52024-05-28
A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a buffer overflow. An attacker can send an u…
- CVE-2024-34476MEDIUMCVSS 5.3EG 5.32024-05-05
Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: ogs_nas_encrypt in lib/nas/common/security.c for pkbuf->len.
- CVE-2024-37305HIGHCVSS 8.2EG 8.22024-06-17
oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handl…
- CVE-2024-3933MEDIUMCVSS 5.3EG 5.32024-05-27
In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded sto…
- CVE-2026-34002MEDIUMCVSS 6.1EG 6.12026-05-05
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, whi…
Map vulnerabilities like CWE-805 to your infrastructure
EchelonGraph correlates every CVE — across CWE-805 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →