CWE-805 (Buffer Access with Incorrect Length Value) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.
The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
| Kind | Name | Class | Prevalence | OS / CPE |
|---|---|---|---|---|
| language | — | Memory-Unsafe | Undetermined | — |
| language | C | — | Often | — |
| language | C++ | — | Often | — |
| language | — | Assembly | Undetermined | — |
These CVEs are mapped to this weakness in this database and kept for traceability and search.
| CVE | Published | Summary |
|---|---|---|
| CVE-2026-34002 | 2026-05-05 | A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit t… |
| CVE-2025-63547 | 2026-05-01 | An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a crafted packet to the MTU length field |
| CVE-2026-6245 | 2026-04-15 | A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Bec… |
| CVE-2026-20033 | 2026-02-25 | A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vul… |
| CVE-2026-20010 | 2026-02-25 | A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an… |
| CVE-2026-1837 | 2026-02-11 | A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data.… |
| CVE-2026-0716 | 2026-01-13 | A flaw was found in libsoup’s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read … |
| CVE-2025-7048 | 2026-01-06 | On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain … |
| CVE-2025-36463 | 2025-11-17 | Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus… |
| CVE-2025-36462 | 2025-11-17 | Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus… |
| CVE-2025-36461 | 2025-11-17 | Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus… |
| CVE-2025-36460 | 2025-11-17 | Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus… |
| CVE-2025-20360 | 2025-10-15 | Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulne… |
| CVE-2025-20315 | 2025-09-24 | A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, causing a de… |
| CVE-2025-38743 | 2025-08-21 | Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit th… |
| CVE-2025-23319 | 2025-08-06 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of … |
| CVE-2025-23318 | 2025-08-06 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability mi… |
| CVE-2025-20202 | 2025-05-07 | A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability… |
| CVE-2025-20191 | 2025-05-07 | A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allo… |
| CVE-2025-30651 | 2025-04-09 | A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to ca… |
| Date | Name | Version | Importance | Comment |
|---|---|---|---|---|
| 2010-04-05 | CWE Content Team | 1.8.1 | — | updated Related_Attack_Patterns |
| 2010-06-21 | CWE Content Team | 1.9 | — | updated Common_Consequences, Potential_Mitigations, References |
| 2010-09-27 | CWE Content Team | 1.10 | — | updated Potential_Mitigations |
| 2010-12-13 | CWE Content Team | 1.11 | — | updated Potential_Mitigations |
| 2011-06-01 | CWE Content Team | 1.13 | — | updated Common_Consequences |
| 2011-06-27 | CWE Content Team | 2.0 | — | updated Demonstrative_Examples, Observed_Examples, Relationships |
| 2011-09-13 | CWE Content Team | 2.1 | — | updated Relationships, Taxonomy_Mappings |
| 2012-05-11 | CWE Content Team | 2.2 | — | updated Potential_Mitigations, References, Relationships |
| 2012-10-30 | CWE Content Team | 2.3 | — | updated Potential_Mitigations |
| 2014-02-18 | CWE Content Team | 2.6 | — | updated Potential_Mitigations, References |
| 2014-06-23 | CWE Content Team | 2.7 | — | updated Demonstrative_Examples |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Applicable_Platforms, Causal_Nature, Demonstrative_Examples, Likelihood_of_Exploit, References, Taxonomy_Mappings |
| 2018-03-27 | CWE Content Team | 3.1 | — | updated References |
| 2019-01-03 | CWE Content Team | 3.2 | — | updated Relationships |
| 2019-06-20 | CWE Content Team | 3.3 | — | updated Related_Attack_Patterns |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Relationships |
| 2020-06-25 | CWE Content Team | 4.1 | — | updated Common_Consequences |
| 2020-08-20 | CWE Content Team | 4.2 | — | updated Relationships |
| 2020-12-10 | CWE Content Team | 4.3 | — | updated Relationships |
| 2021-07-20 | CWE Content Team | 4.5 | — | updated Demonstrative_Examples, Potential_Mitigations |
| 2022-10-13 | CWE Content Team | 4.9 | — | updated References |
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Description, Detection_Factors, Potential_Mitigations |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Potential_Mitigations, References, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2024-02-29 | CWE Content Team | 4.14 | — | updated Demonstrative_Examples |
| 2025-09-09 | CWE Content Team | 4.18 | — | updated Functional_Areas |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Applicable_Platforms, Detection_Factors, References |