RHEL 8 : kernel-rt (RHSA-2022:1975)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1975 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Huawei HarmonyOS Information Disclosure Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An information disclosure vulnerability exists in Huawei HarmonyOS version 2.0. The vulnerability stems from the failure to properly validate the Array Index...

Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle MySQL Cluster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Data Node jobs. The issue results from the lack of proper...

Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle MySQL Cluster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Data Node jobs. The issue results from the lack of proper...

CVE-2021-21949

The CVE-2021-21949 entry maps to a concrete vulnerability in Accusoft ImageGear 19.10: an improper array index validation in the JPEG-JFIF Scan header parser can cause an out-of-bounds write, leading to potential code execution. The root cause is a mismatch in how SOS data references AC/DC Huffma...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1402)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-1237

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

CVE-2022-1237

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

Heap overflow

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

UBUNTU-CVE-2022-1237

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

CVE-2022-1237

CVE-2022-1237 affects radare2 (radareorg/radare2) prior to 5.6.8. The issue is an improper validation of an array index, resulting in a heap overflow. The reports describe this as potentially exploitable, with impact on confidentiality, integrity, and availability. Remediation: upgrade to radare2...

CVE-2022-1237 Improper Validation of Array Index in radareorg/radare2

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

CVE-2022-1237

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

CVE-2022-1237

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

Improper Validation of Array Index

This vulnerability is of type Improper Validation of Array Index. The bug exists in latest stable release radare2-5.6.6 and lastest master branch 8317a34b7e4ab731e230dcdd81adc9323c5b518b, updated in April 03, 2022. Specifically, the vulnerable code located at libr/bin/format/ne/ne.c and the bug's...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1227)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1243)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccpshctxccid...

PT-2022-2366 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.12 Description: The issue is related to the Linux kernel's USB gadget driver, specifically in the udc-xilinx.c file. It involves an array index that is not properly validated, potentially allowing a remote...

CVE-2022-25258

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests ones with a large array index and ones associated with NULL function pointer retrieval. Memory corruption might occur...

Siemens Null Pointer Dereference in Wind River VxWorks (CVE-2019-12259)

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. - Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There...