CVE-2018-13902

Out of bounds memory read and access due to improper array index validation may lead to unexpected behavior while decoding XTRA file in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

Buffer overflow

Buffer overflow in WLAN driver event handlers due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 636, SD 675, SD 730, SD...

CVE-2018-5883

CVE-2018-5883 describes a buffer overflow in WLAN driver event handlers caused by improper validation of array index. Affected products include Qualcomm Snapdragon family devices such as MDM9206/9607/9640/9650, MSM8996AU, QCS405/QCS605, SD 636/675/730/820A/835/855, SDA660, SDM630/660/SDX20/SDX24,...

CVE-2018-13902

CVE-2018-13902 is described as an out-of-bounds memory read when decoding XTRA files in Qualcomm Snapdragon components (wide range of Snapdragon Auto/Compute/IoT/Wearables/MI devices and more listed). Root cause: improper array index validation in the decoder. Affected products include numerous S...

CVE-2018-13898

Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655,...

Apple Safari HTMLFormElement Improper Validation of Array Index Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within HTMLFormElement...

CVE-2018-11936

Index of array is processed in a wrong way inside a while loop and result in invalid index -1 or something else leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

Design/Logic Flaw

Index of array is processed in a wrong way inside a while loop and result in invalid index -1 or something else leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

Input validation

Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find event from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

CVE-2018-11936

CVE-2018-11936 affects Qualcomm Snapdragon families (various Snapdragon Auto/Connectivity/IoT/Smartphone platforms) where an incorrect handling of an array index inside a while loop can produce a negative or invalid index, causing out-of-bounds memory access. The description explicitly ties the i...

CVE-2018-11936

Index of array is processed in a wrong way inside a while loop and result in invalid index -1 or something else leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

CVE-2018-11927

CVE-2018-11927 involves improper input validation on an input used as an array index, causing an out-of-bounds condition during AP find event processing in firmware for Qualcomm-based Snapdragon platforms. The affected scope spans Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Sna...

EulerOS Virtualization 3.0.1.0 : cvs (EulerOS-SA-2019-1455)

According to the version of the cvs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containin...

Buffer Overflow

The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...

Buffer Overflow

The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...

Arbitrary Code Execution

kernel-rt is vulnerable to arbitrary code execution. The vulnerability exists as an array index error in the logidjrawevent function could allow physical attackers to execute arbitrary code through the value of REPORTTYPENOTIFDEVICEUNPAIRED...

CVE-2018-13898

Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655,...

NVIDIA Windows GPU Display Driver Input Validation Error Vulnerability

The NVIDIA Windows GPU Display Driver is a display driver for Windows systems. An array index reference vulnerability exists in the kernel mode layer nvlddmkm.sys create context command DDI DxgkDdiCreateContext in the NVIDIA Windows GPU display driver. The vulnerability stems from the product usi...

CVE-2019-5666

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer nvlddmkm.sys create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index...

Design/Logic Flaw

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer nvlddmkm.sys create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index...