2586 matches found
CVE-2025-65499
Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...
Improper Validation of Array Index
Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Improper Validation of Array Index via the MultiModalDataParser input processor. An attacker can cause the engine to crash by submitting multimodal...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the fs/diriterate/diriterate.go:Next function. An attacker can cause the application to crash by triggering a filesystem traversal fallback path that leads to an over-indexing of an empty slice when...
TencentOS Server 4: ffmpeg (TSSA-2024:0567)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0567 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Siemens SCALANCE and RUGGEDCOM Devices Improper Validation of Array Index (CVE-2024-56785)
MIPS: Loongson64: DTS: issues with PCIe port nodes for ls7a. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504762; scriptversion"1.2";...
SUSE CVE-2025-40118
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
Siemens SIMATIC S7-1500 Improper Validation of Array Index (CVE-2024-57996)
netsched: schsfq: vulnerability caused by incorrectly handling a packet limit of 1, leading to an array-index-out-of-bounds error and subsequent crash when the queue length is decremented for an empty slot. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 Improper Validation of Array Index (CVE-2022-35737)
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array- bounds overflow if billions of bytes are used in a string argument to a C API. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990895)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990895 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpioid before used as array index WHY & HOW GPIOIDUNKNOWN -1 is not a vali...
Lexmark Printers Improper Validation of Array Index (CVE-2023-26066)
A PostScript operator that improperly validates the stack has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503906;...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990541)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990541 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of th...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989885)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989885 advisory. In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cm...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989930)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989930 advisory. In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds val...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990020)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990020 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988990)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988990 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989353)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989353 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...
CVE-2025-47361 Improper Validation of Array Index in Automotive Software platform based on QNX
Memory corruption when triggering a subsystem crash with an out-of-range identifier...
CVE-2025-47361 Improper Validation of Array Index in Automotive Software platform based on QNX
Memory corruption when triggering a subsystem crash with an out-of-range identifier...
CVE-2025-47361
The CVE-2025-47361 issue affects an Automotive Software platform based on QNX. The root cause is improper validation of an array index that triggers a subsystem crash, causing memory corruption when an out-of-range identifier is used. Impact is described as memory corruption with high severity (C...
CVE-2025-47352 Improper Validation of Array Index in Audio
Memory corruption while processing audio streaming operations...