Vulnerabilities > Incorrect Calculation of Buffer Size
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-01 | CVE-2018-4038 | Incorrect Calculation of Buffer Size vulnerability in Atlantiswordprocessor Atlantis Word Processor 3.2.7.1/3.2.7.2 An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. | 7.8 |
| 2018-04-04 | CVE-2017-13289 | Incorrect Calculation of Buffer Size vulnerability in Google Android In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a write size mismatch. | 7.8 |
| 2017-08-09 | CVE-2017-0715 | Incorrect Calculation of Buffer Size vulnerability in Google Android A remote code execution vulnerability in the Android media framework (libavc). | 7.8 |
| 2017-05-12 | CVE-2017-0620 | Incorrect Calculation of Buffer Size vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-04-12 | CVE-2017-0166 | Incorrect Calculation of Buffer Size vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. | 8.1 |
| 2017-04-07 | CVE-2017-0569 | Incorrect Calculation of Buffer Size vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2008-05-05 | CVE-2008-0599 | Incorrect Calculation of Buffer Size vulnerability in multiple products The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. | 9.8 |
| 2005-10-17 | CVE-2005-3120 | Incorrect Calculation of Buffer Size vulnerability in multiple products Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. | 9.8 |
| 2005-08-16 | CVE-2005-2103 | Incorrect Calculation of Buffer Size vulnerability in Gaim Project Gaim 0.75 Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n. | 9.8 |
| 2005-05-02 | CVE-2005-0490 | Incorrect Calculation of Buffer Size vulnerability in Haxx Curl and Libcurl Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication. | 8.8 |