CVE-2025-47352 Improper Validation of Array Index in Audio

Memory corruption while processing audio streaming operations...

CVE-2025-47352

CVE-2025-47352 is described as a memory corruption in Qualcomm chipsets during audio streaming processing, caused by improper validation of an array index in the audio path. The vulnerability is characterized in multiple feeds with the same description; one source (PT-2025-44924) explicitly ties ...

PT-2025-44928

Name of the Vulnerable Software and Affected Versions Automotive Software platform based on QNX affected versions not specified Description A memory corruption issue exists when triggering a subsystem crash with an out-of-range identifier. The issue involves improper validation of an array index...

PT-2025-44924

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description A memory corruption issue exists when processing audio streaming operations. The issue is due to improper validation of array index in audio processing. Recommendations At the moment, there is no information...

Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-35905)

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

Siemens SIMATIC Devices Improper Control of Resource Identifiers (CVE-2024-42265)

"In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for...

Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-35813)

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 mmc: core: Use mrq.sbc in close-ended ffu assigns previdata = idatasi - 1, but doesn't check that the iterator i is greater than zero. Let's fix this by adding...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Validation of Array Index (CVE-2024-49894)

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in cmhelpertranslatecurvetodegammahwformat function. The issue could occur when the index 'i' exceeds the number of...

Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-43858)

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-38587)

In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof vs ARRAYSIZE bug The buf pointer is an array of u16 values. This code should be using ARRAYSIZE which is 256 instead of sizeof which is 512, otherwise it can the still got out of bounds. This plugin only works...

Siemens SIMATIC and SCALANCE Devices Improper Validation of Array Index (CVE-2025-21692)

net: sched: fix ets qdisc OOB Indexing This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503404; scriptversion"1.3";...

EUVD-2022-55092

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

OESA-2025-2376 cjson security update

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - %description devel The cjson-devel package contains libraries and header files for developing...

OESA-2025-2374 cjson security update

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - %description devel The cjson-devel package contains libraries and header files for developing...

Security update for cJSON

This update for cJSON fixes the following issues: CVE-2023-26819: Allocate memory for the temporary buffer when paring numbers bsc1241502 CVE-2025-57052: Fix the incorrect check in decodearrayindexfrompointer bsc1249112 Patch Instructions: To install this SUSE update use the SUSE recommended...

cJSON: out-of-bounds access in decode_array_index_from_pointer() in cJSON_Utils.c via crafted JSON pointer strings

A flaw was found in the cJSON library. A specially crafted JSON pointer string can cause an out-of-bounds access in the decodearrayindexfrompointer function in the cJSONUtils.c file due to improper array bounds checking, causing a crash to the application linked to the library and resulting in a...

EUVD-2011-4191

Malware in sbrugna...

EUVD-2010-4353

Malware in sbrugna...

EUVD-2010-2998

Malware in sbrugna...

EUVD-2016-1568

Malware in sbrugna...