2586 matches found
Qualcomm Chipsets Input Validation Error Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Chipsets, which is caused by memory corruption due to improper validation of array indexes in Linux...
PT-2023-18299 · Linux · Linux
Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is related to memory corruption due to improper validation of array index in Linux while updating adn record. There is no information about the estimated number of potentially...
PT-2023-13281 · Wlan Hal · Wlan Hal
Name of the Vulnerable Software and Affected Versions: WLAN HAL affected versions not specified Description: The issue is caused by memory corruption due to improper validation of array index in WLAN HAL when the received lm itemNum is out of range. This can lead to potential exploits. There is n...
UBUNTU-CVE-2023-40477
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-21650 Improper Validation of Array Index in GPS HLOS Driver
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length...
Improper Validation
libreoffice is vulnerable to Improper Validation. The vulnerability exists in the spreadsheet component of The Document Foundation LibreOffice which allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded...
EulerOS Virtualization 3.0.6.6 : ppp (EulerOS-SA-2023-2433)
According to the versions of the ppp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of th...
OpenJDK: array indexing integer overflow issue (8304468)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...
SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3807-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3807-1 advisory. - In bpfskbchangehead of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of...
CVE-2023-31194
An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...
Design/Logic Flaw
An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...
CVE-2023-31194
An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...
UBUNTU-CVE-2023-34453
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...
Input validation
A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys driver...
CVE-2023-2570
CVE-2023-2570 involves an Improper Validation of Array Index in the Foxboro.sys driver IOCTL handling, leading to local denial-of-service and potential kernel execution. Root cause: incorrect validation of an array index. Affected product context appears to be Schneider Electric EcoStruxure Foxbo...
EulerOS 2.0 SP5 : ppp (EulerOS-SA-2023-2165)
According to the versions of the ppp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component...
Mageia: Security Advisory (MGASA-2023-0194)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0194 Updated libreoffice packages fix security vulnerability
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...
Updated libreoffice packages fix security vulnerability
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...
USN-6144-1: LibreOffice vulnerabilities
It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute...