SUSE CVE-2011-1493

Array index error in the roseparsenational function in net/rose/rosesubr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact by composing FACNATIONALDIGIS data that specifies a large number of...

SUSE CVE-2012-1139

Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid stack read operation and memory corruption or possibly execute arbitrary code via crafted glyph data in a BDF font...

SUSE CVE-2012-2149

The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...

SUSE CVE-2012-4295

Array index error in the channelisedfillsdhg707format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service application crash via a crafted speed aka rate value...

SUSE CVE-2013-1621

Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169...

SUSE CVE-2013-2888

Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service heap memory corruption via a crafted device that provides an invalid Repor...

SUSE CVE-2013-4587

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

SUSE CVE-2013-6639

The DehoistArrayIndex function in hydrogen-dehoist.cc aka hydrogen.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via JavaScript code that sets the...

SUSE CVE-2013-6640

The DehoistArrayIndex function in hydrogen-dehoist.cc aka hydrogen.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service out-of-bounds read via JavaScript code that sets a variable to the value of an array element with...

SUSE CVE-2019-1000016

FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbsav1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be provided as input. This vulnerability appears to have been fixed in...

SUSE CVE-2020-28589

An improper array index validation vulnerability exists in the LoadObj functionality of tinyobjloader v2.0-rc1 and tinyobjloader development commit 79d4421. A specially crafted file could lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

SUSE CVE-2022-1237

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

GSD-2023-1001003 drm/amd/display: fix array index out of bound error in bios parser

drm/amd/display: fix array index out of bound error in bios parser This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

PT-2023-33117 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to an array index out of bound error in DCN32 DML. This problem has been identified but its actual impact and potential for exploitation have not been confirmed...

PT-2023-34080 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: The issue is related to an array index out of bounds error in the bios parser. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

CVE-2023-22408

An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. When an attacker sends an SIP packets with a malformed SDP field then the SIP ALG can not process i...

Input validation

An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon aftmand of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. On the PTX10008 and PTX10016 platforms running Junos ...

Input validation

An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. When an attacker sends an SIP packets with a malformed SDP field then the SIP ALG can not process i...

CVE-2023-22401

CVE-2023-22401 affects Juniper Networks Junos OS and Junos OS Evolved, specifically the aftmand (Advanced Forwarding Toolkit Manager) daemon on PTX10008/PTX10016. An improper validation of an array index allows an unauthenticated, network-based attacker to trigger a DoS by querying a particular S...

Juniper Junos OS Vulnerability (JSA70204)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70204 advisory. - An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to caus...