CVE-2022-46152 OP-TEE Trusted OS vulnerable to Improper Validation of Array Index in the cleanup_shm_refs function

OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function cleanupshmrefs is called by both entryinvokecommand and entryopensession. The commands...

CVE-2022-46152 OP-TEE Trusted OS vulnerable to Improper Validation of Array Index in the cleanup_shm_refs function

OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function cleanupshmrefs is called by both entryinvokecommand and entryopensession. The commands...

PT-2022-27769

Name of the Vulnerable Software and Affected Versions OP-TEE Trusted OS versions prior to 3.19.0 Description The issue concerns an Improper Validation of Array Index vulnerability. The function cleanup shm refs is called by both entry invoke command and entry open session. The commands OPTEE MSG...

CVE-2022-46152

OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function cleanupshmrefs is called by both entryinvokecommand and entryopensession. The commands...

CVE-2022-46152 OP-TEE Trusted OS vulnerable to Improper Validation of Array Index in the cleanup_shm_refs function

OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function cleanupshmrefs is called by both entryinvokecommand and entryopensession. The commands...

Altair HyperView Player

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Altair Equipment: HyperView Player Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Use of Uninitialized Resource, Improper Validation of Array Index 2. RISK EVALUATION Successful...

CVE-2022-3324

A stack-based buffer overflow vulnerability was found in Vim's winredrruler function of the src/drawscreen.c file. The issue occurs when using a negative array index with a negative width window. This flaw allows an attacker to trick a user into opening a specially crafted file, which triggers th...

Improper Validation of Array Index

In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...

CVE-2022-25690

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2022-25690

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2022-25690

CVE-2022-25690 corresponds to information disclosure in Qualcomm’s WLAN stack due to improper validation of array indices while parsing crafted ANQP action frames. The connected PT-2022-4878 entry details Qualcomm Snapdragon family components (Snapdragon Auto, Compute, Connectivity, and various S...

CVE-2022-22099

Memory corruption in multimedia due to improper validation of array index in Snapdragon Auto...

CVE-2022-22099

Memory corruption in multimedia due to improper validation of array index in Snapdragon Auto...

CVE-2022-22099

The CVE-2022-22099 entry concerns Qualcomm Snapdragon Auto multimedia code, where memory corruption is triggered by improper validation of an array index in the multimedia path. The vulnerability is characterized as high impact (confidentiality, integrity, and availability affected) with local ac...

CVE-2022-22099

Memory corruption in multimedia due to improper validation of array index in Snapdragon Auto...

Qualcomm Multimedia 输入验证错误漏洞

Qualcomm Multimedia is a camera driver component from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Multimedia that originates from an improper array index validation leading to multimedia memory corruption...

feenominators are set incorrectly through setFee function

Lines of code Vulnerability details Impact feenominators supposed to be updated using the array of indexes i not the current position of array length d Proof of Concept The function updates the fenominatorsx instead of feenominatorsix for uint256 x; x len; if dx MINFEENOMINATOR revert Exception18...

[slackware-security] xorg-server

New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xorg-server-1.20.14-i586-3slack15.0.txz: Rebuilt. xkb: switch to array index loops to moving pointers. xkb: add request length...

CVE-2022-31603

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information...

CVE-2022-31603

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information...