CWE-466
Return of Pointer Value Outside of Expected Range
Base | Draft
Description
A function can return a pointer to memory that is outside of the buffer that the pointer is expected to reference.
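A minimal C illustration of this weakness, added here as an example and not part of the CWE entry: a hypothetical `find_byte_unsafe` returns a pointer one past the buffer when the byte is absent, shown beside `find_byte_checked`, which returns NULL instead. All function names and the sample buffer are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Weak form: scans for `c` and returns the cursor unconditionally.
 * When `c` is absent the loop stops at buf + len, so the caller gets a
 * pointer outside the range [buf, buf + len) it expects. */
const char *find_byte_unsafe(const char *buf, size_t len, char c)
{
    const char *p = buf;
    while (p < buf + len && *p != c)
        p++;
    return p;   /* may equal buf + len: outside the buffer */
}

/* Hardened form: "not found" is reported as NULL, so the result is
 * either a pointer inside the buffer or an explicit failure value. */
const char *find_byte_checked(const char *buf, size_t len, char c)
{
    if (buf == NULL)
        return NULL;
    for (size_t i = 0; i < len; i++)
        if (buf[i] == c)
            return &buf[i];
    return NULL;
}

/* Caller-side check for code that cannot change the callee: accept a
 * returned pointer only if it lies inside [buf, buf + len). */
int ptr_in_range(const char *p, const char *buf, size_t len)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)buf;
    return p != NULL && a >= lo && a - lo < len;
}

int main(void)
{
    /* Constructed sample: 8 bytes, no terminating NUL, no ':' present. */
    const char host[8] = { 'e', 'x', 'a', 'm', 'p', 'l', 'e', 's' };
    const char *bad = find_byte_unsafe(host, sizeof host, ':');
    const char *ok  = find_byte_checked(host, sizeof host, ':');
    printf("unsafe result in range: %d\n", ptr_in_range(bad, host, sizeof host));
    printf("checked result is NULL: %d\n", ok == NULL);
    return 0;
}
```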
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-25234 | Med | 0.40 | 6.2 | 0.00 | | Mar 30, 2026 | SmartFTP Client 9.0.2615.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can paste a buffer of 300 repeated characters into the Host connection parameter to trigger an application crash. |
| CVE-2018-25227 | Med | 0.40 | 6.2 | 0.00 | | Mar 30, 2026 | Valentina Studio 9.0.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can trigger the crash by pasting a 256-byte buffer of repeated characters into the Host parameter during server connection attempts. |
| CVE-2019-25599 | Med | 0.40 | 6.2 | 0.00 | | Mar 22, 2026 | Backup Key Recovery 2.2.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 or more characters into the Name field during registration to trigger a crash when submitting the form. |
| CVE-2019-25548 | Med | 0.40 | 6.2 | 0.00 | | Mar 21, 2026 | BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to the search field. Attackers can paste a buffer of 100,000 'A' characters into the search field and trigger a search operation to cause the application to crash. |