2586 matches found
CVE-2020-36776
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/cpufreqcooling: Fix slab OOB issue Slab OOB issue is scanned by KASAN in cpupowertofreq. If power is limited below the power of OPP0 in EM table, it will cause slab out-of-bound issue with negative array index...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/cpufreqcooling: Fix slab OOB issue Slab OOB issue is scanned by KASAN in cpupowertofreq. If power is limited below the power of OPP0 in EM table, it will cause slab out-of-bound issue with negative array index...
Design/Logic Flaw
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Don't use vcpu-run-internal.ndata as an array index vmxhandleexit uses vcpu-run-internal.ndata as an index for an array access. Since vcpu-run is can be mapped to a user address space with a writer permission, the 'ndat...
Design/Logic Flaw
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. If an excessively large value is specified as the starting index for an array in abidecode, it can cause the read position to overflow. This results in the decoding of values outside the intended array bounds, potential...
Improper Validation of Array Index
Overview audify is a Play/Stream/Record PCM audio data & Encode/Decode Opus to PCM audio data Affected versions of this package are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions it is not checked...
Improper Validation of Array Index in github.com/greenpau/caddy-security
All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead ...
GHSA-8H95-JCP5-PJPR Improper Validation of Array Index in github.com/greenpau/caddy-security
All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead ...
CVE-2024-21493
All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead ...
CVE-2024-21493
All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead ...
Input validation
All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead ...
CVE-2024-21493
All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead ...
CVE-2024-21493
The CVE-2024-21493 entry concerns the Go package github.com/greenpau/caddy-security, where multiple Caddyfile parsing functions fail to guard against nil input before indexing arrays. This Improper Validation of Array Index can cause panics during configuration parsing, potentially affecting web ...
caddy-security Security Vulnerabilities
caddy-security is a security application and plugin for Caddy. A security vulnerability exists in caddy-security that stems from vulnerability to improper array index validation...
X.Org Server DeviceFocusEvent Improper Validation of Array Index Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
X.Org Server XIQueryPointer Improper Validation of Array Index Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ProcXIQueryPointer...
Improper Validation Of Array Index
vyper is vulnerable to Improper Validation Of Array Index. The vulnerability is due to the typechecker allowing usage of an int as an index for an array validation, allowing an attacker to manipulate the typechcker in such a way that the index will be forced to be negative which results in Denial...
Vyper negative array index bounds checks
Summary Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. Typically, negative integers are filtered out at runtime by the bounds checker, but small enough i.e. large...
GHSA-52XQ-J7V9-V4V2 Vyper negative array index bounds checks
Summary Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. Typically, negative integers are filtered out at runtime by the bounds checker, but small enough i.e. large...
CVE-2024-24563
CVE-2024-24563 affects Vyper, where arrays can be indexed by signed integers even though defined for unsigned indices. The typechecker permits signed integers as array indexes, and with very large arrays, bounds checks can pass for negative values, leading to potential unpredictable behavior, acc...
CVE-2023-43535 Improper Validation of Array Index in Display
Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger...