Audify.js Security Vulnerability

Audify.js is an application by the individual developer Almog Hamdani. It is used to play, stream, and record PCM audio data, and encode and decode Opus into PCM audio data. Audify.js suffers from a security vulnerability that stems from vulnerability to improper validation of array indexes, whic...

PT-2024-18936 · Audify · Audify

Name of the Vulnerable Software and Affected Versions: audify versions all Description: The issue arises from improper validation of array index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions, as it is not checked for negative values. This can le...

UBUNTU-CVE-2024-6606

Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox 128 and Thunderbird 128...

SUSE-SU-2024:2380-1 Security update for ppp

This update for ppp fixes the following issues: - CVE-2022-4603: Fixed improper validation of array index of the component pppdump bsc1218251...

CVE-2024-6606

Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox 128 and Thunderbird 128...

PT-2024-5155 · Unknown · Foxboro.Sys

Name of the Vulnerable Software and Affected Versions: Foxboro.sys driver affected versions not specified Description: The issue is related to an Improper Validation of Array Index, which could cause a local denial-of-service when a malicious actor with local user access crafts a script or progra...

PT-2024-24758 · Samsung · Walrus

Name of the Vulnerable Software and Affected Versions: Walrus versions before 72c7230f32a0b791355bbdfc78669701024b0956 Description: The issue is related to an Improper Validation of Array Index in the Samsung Open Source Walrus Webassembly runtime engine, which can cause a segmentation fault...

SAMSUNG WALRUS Security Vulnerability

SAMSUNG WALRUS is a project of the South Korean company Samsung SAMSUNG. It aims to provide a lightweight WebAssembly runtime engine. A security vulnerability exists in SAMSUNG WALRUS that stems from improper array index validation leading to a segmentation error...

GO-2024-2564 Improper Validation of Array Index in github.com/greenpau/caddy-security

Improper Validation of Array Index in github.com/greenpau/caddy-security...

CVE-2024-39461

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign -num before accessing -hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the bounds sanitizer...

CVE-2024-39462

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign -num before accessing -hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the bounds sanitizer...

CVE-2024-39462

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign -num before accessing -hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the bounds sanitizer...

CVE-2024-39462 clk: bcm: dvp: Assign ->num before accessing ->hws

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign -num before accessing -hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the bounds sanitizer...

CVE-2024-38631

In the Linux kernel, the following vulnerability has been resolved: iio: adc: PAC1934: fix accessing out of bounds array index Fix accessing out of bounds array index for average current and voltage measurements. The device itself has only 4 channels, but in sysfs there are "fake" channels for th...

SUSE CVE-2022-48730

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

SUSE CVE-2024-38569

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...

CVE-2024-39277

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMANONODE correctly cpumaskofnode can be called for NUMANONODE inside domapbenchmark resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in...

CVE-2024-39277

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMANONODE correctly cpumaskofnode can be called for NUMANONODE inside domapbenchmark resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in...

CVE-2024-39277

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMANONODE correctly cpumaskofnode can be called for NUMANONODE inside domapbenchmark resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in...

CVE-2024-39277 dma-mapping: benchmark: handle NUMA_NO_NODE correctly

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMANONODE correctly cpumaskofnode can be called for NUMANONODE inside domapbenchmark resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in...