2609 matches found
CVE-2026-24238
NVIDIA TensorRT for contains a vulnerability where an attacker might cause an improper validation of array index. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24238
NVIDIA TensorRT for contains a vulnerability where an attacker might cause an improper validation of array index. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24238
NVIDIA TensorRT for contains a vulnerability where an attacker might cause an improper validation of array index. A successful exploit of this vulnerability might lead to code execution...
EUVD-2026-43562
Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ollama. Authentication is not required to exploit this vulnerability. The specific flaw exists...
Security Bulletin: NVIDIA TensorRT - July 2026
NVIDIA has released a software update for NVIDIA® TensorRT. To protect your system, clone or update this software to TensorRT v11.0.0 and Polygraphy 0.50.0 from the NVIDIA/TensorRT GitHub repo, TensorRT product page, the network repository, or Python package index TensorRT, Polygraphy. Go to NVID...
CVE-2026-15685 Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability
Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ollama. Authentication is not required to exploit this vulnerability. The specific flaw exists...
CVE-2026-15685
CVE-2026-15685 affects Ollama, with the vulnerability located in the downloadBlob function where user-supplied data is not properly validated, allowing an out-of-bounds memory access and resulting in a denial-of-service condition. The issue, linked to ZDI-CAN-27277, can be triggered remotely with...
CVE-2026-14193
DVP80ES300T with Improper Validation of Array Index Vulnerability...
CVE-2026-14193
The vulnerability CVE-2026-14193 affects the DVP80ES300T device and is described as an Improper Validation of Array Index vulnerability. In the provided data, the CVSS v3.1 base score is 7.5 ( HIGH ), with Network attack vector, no privileges required, no user interaction, and availability impact...
CVE-2026-14193 DVP80ES300T - Improper Validation of Array Index Vulnerability
DVP80ES300T with Improper Validation of Array Index Vulnerability...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In the net: rose module, the function rosekillbydevice collects sockets into a local array, and then iterates over those arrays to disconnect sockets bound to devices that are being shut down. The loop mistakenly indexes arraycnt...
PT-2026-51708
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter module where the hbh mt6 check function fails to reject optsnr values supplied from userspace that exceed the capacity of the struct ip6t opts structure...
CVE-2026-45692
CVE-2026-45692 (Caddy) describes a remote admin authorization bypass where the /config traversal layer and the authorization layer disagree on the target object. Specifically, from 2.4.0 through 2.11.3, an authorized path such as /config/apps/http/servers/srv/routes/0 could be used to access or m...
CVE-2026-45692 Caddy: Remote Admin Authorization Bypass in `/config` API via Array Index Normalization
Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...
SUSE-SU-2026:2584-1 Security update for exiv2
This update for exiv2 fixes the following issues - CVE-2021-34334: DoS due to integer overflow in loop counter bsc1189338. - CVE-2026-25884: out-of-bounds read in CrwMap: decode0x0805 bsc1259083. - CVE-2026-27596: integer overflow in LoaderNative: getData leads to out-of-bounds read bsc1259084. -...
Carrier Corporation i-VU Improper Validation of Array Index (CVE-2025-0657)
CWE-129 Improper Validation of Array Index vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. Software uses an array index that has not been properly validated to ensure it falls within valid array bounds. This can result in out-of-bounds access,...
Automated Logic WebCTRL Improper Validation of Array Index (CVE-2025-0657)
CWE-129 Improper Validation of Array Index vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. Software uses an array index that has not been properly validated to ensure it falls within valid array bounds. This can result in out-of-bounds access,...
keycloak: Keycloak: Denial of Service via malformed Authorization header
A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...
CVE-2026-25276 Improper Validation of Array Index in Secure Processor
Memory corruption while using Strongbox due to missing bounds check...
CVE-2026-25276 Improper Validation of Array Index in Secure Processor
Memory corruption while using Strongbox due to missing bounds check...