OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow

...

KLA62829 ACE vulnerability in Microsoft Mariner

A array-bounds overflow vulnerability was found in Microsoft Mariner. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2022-35737 Exploitation Public exploits exist for this vulnerability. Related products CBL-Mariner-2.0 CVE list CVE-2022-35737...

kernel: wifi: iwlwifi: mvm: fix potential array out of bounds access

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWLSECWEPKEYOFFSET when needed while verifying keylen size in iwlmvmseckeyadd...

kernel: wifi: iwlwifi: mvm: fix potential array out of bounds access

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWLSECWEPKEYOFFSET when needed while verifying keylen size in iwlmvmseckeyadd...

Rocky Linux 8 : sqlite (RLSA-2023:0110)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:0110 advisory. - SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

rngComplete() function is vulnerable to an array out of bounds error

Lines of code Vulnerability details Impact A malicious actor can manipulate the AuctionResult passed to RewardLib.rewards to make it return a short rewards array Proof of Concept The issue is that there is no check that i stays within the bounds of rewards. If rewards is shorter than expected, th...

Moxa IKS, EDS Out-of-Bounds Read (CVE-2019-6522)

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot. This plugin only works with Tenable.ot. Please visit...

The vulnerability of the backtrace function in the GNU C Library allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the backtrace function in the GNU C Library is related to writing beyond buffer boundaries due to incorrect checks on array bounds. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

Medium: libX11

Issue Overview: A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array...

propose function Can lead to unexpected behavior

Lines of code Vulnerability details Impact Problème in the propose function, specifically in the construction of the targets, values, signatures, and calldatas arrays. These arrays are used to define the transactions that will be executed within the proposal, So the problem arises from the use of...

CVE-2023-3138

A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...

CVE-2023-3138

A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...

CVE-2023-3138

A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...

PT-2025-54008

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the qla2xxx driver within the Linux kernel where an array index may go out of bounds. Specifically, the array vha-host str of size 16 may be accessed with index values...

PT-2025-49478

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the media subsystem, specifically within the MediaTek vcodec decoder queue setup function. A user-supplied variable, nplanes, obtained through a syste...

Important: sqlite

Issue Overview: SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737 Affected Packages: sqlite Issue Correction: Run dnf update sqlite --releasever 2023.0.20230322 or dnf update --advisor...

SUSE CVE-2019-11775

All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the...