2586 matches found
CVE-2022-31603
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information...
Input validation
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information...
GSD-2022-1004010 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.283 by commit...
GSD-2022-1003902 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...
GSD-2022-1003802 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...
GSD-2022-1003606 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit...
GSD-2022-1003384 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.46 by commit...
GSD-2022-1002760 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...
CVE-2021-35072
Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
Buffer overflow
Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
Design/Logic Flaw
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-35072
Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2021-35072
CVE-2021-35072 is a Qualcomm/Snapdragon DIAG command handling vulnerability where an input validation error on array indexes in the Modem/DIAG path can cause a buffer overflow. The issue affects Snapdragon line components (Auto, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables) with...
CVE-2021-35121
CVE-2021-35121 affects Qualcomm/Snapdragon kernel components, specifically the Synx driver, where an array index is improperly used to lock/unlock a mutex. This leads to a Use-After-Free condition that can be triggered locally, with the CVSS v3.1 vector indicating Local access, Low attack complex...
CVE-2021-35121
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...
Qualcomm 输入验证错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. An input validation error vulnerability exists in...
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2022:1686-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1686-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following...
simplejson before 2.6.1 vulnerable to array index error
Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the rawdecode function...
GHSA-9772-CWX9-R4CJ simplejson before 2.6.1 vulnerable to array index error
Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the rawdecode function...
Improper Validation of Array Index
The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in insertionModeStack.pop in node.go, called from inHeadIM, during an html.Parse call...