2586 matches found
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the indexadd function. An attacker can cause the application to crash or become unresponsive by submitting specially crafted input. Remediation There is no fixed version for oneflow. References -...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the flow.cuda.synchronize function when it is called with an invalid or out-of-range GPU device index. An attacker can cause the application to crash or become unresponsive by supplying a malicious...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the flow.cuda.getdeviceproperties function. An attacker can cause the application to crash or become unresponsive by supplying an invalid or negative device index. Remediation There is no fixed...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via improper validation in the flow.cuda.getdevicecapability function. An attacker can cause the application to crash or become unresponsive by supplying a specially crafted device ID. Remediation Ther...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000960)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000960 advisory. Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDMULTITOUCH is...
CVE-2026-0529
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002421)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002421 advisory. Array index error in the logidjrawevent function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002062)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002062 advisory. Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11 allow physically proximate attacke...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the MongoDB protocol parser. An attacker can cause buffer overflows by sending specially crafted network traffic to a monitored network interface where MongoDB protocol parsing is enabled...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the MongoDB protocol parser. An attacker can cause buffer overflows by sending specially crafted network traffic to a monitored network interface where MongoDB protocol parsing is enabled...
CVE-2026-0529
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
CVE-2026-0529
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
CVE-2026-0529 Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
CVE-2026-0529 Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
CVE-2026-0529
CVE-2026-0529 affects Elastic Beats Packetbeat MongoDB protocol parser. Affected software: Elastic Beats (Packetbeat) versions 7.x, 8.x before 8.19.10, and 9.x before 9.1.10 or 9.2.4. Root cause: Improper validation of array index (CWE-129) in the MongoDB protocol parser, which can permit buffer ...
SUSE CVE-2025-71086
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...
PT-2026-2848
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly initializing the number of elements before accessing an array, which could result in an...
GHSA-W2GR-585J-R428 Metricbeat affected by multiple denial of service vulnerabilities
Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the Graphite or Zookeeper server metricsets and the Prometheus helper module. An attacker can cause a service disruption by sending specially crafted, malformed payloads or metric data. Remediation...