CVE-2020-27483

Garmin Forerunner 235 before 8.20 is affected by an Array index error in the ConnectIQ TVM. The attacker must upload a malicious ConnectIQ application to the ConnectIQ store; the interpreter trusts an offset for the stack value duplication instruction (DUP) that is unchecked, allowing memory befo...

CVE-2020-27483

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the offset provided...

CVE-2020-27485

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check the index...

CVE-2020-27485

Garmin Forerunner 235 (pre-8.20) vulnerability in ConnectIQ TVM: an array index error lets a malicious ConnectIQ app store payload read/write memory outside the TVM context, enabling a use-after-free and constrained read/write primitive across the MAX32630 address space. The issue requires the at...

CVE-2020-11881

An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964...

Design/Logic Flaw

An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964...

CVE-2020-11881

An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964...

CVE-2020-11881

CVE-2020-11881 affects MikroTik RouterOS SMB service. An array-index error in RouterOS 6.41.3–6.46.5 and 7.x–7.0 Beta5 allows an unauthenticated remote attacker to crash the SMB server via crafted setup-request packets (SUP-12964). The vulnerability enables at least a DoS condition on the SMB ser...

Privilege Escalation

cvs is vulnerable to Privilege Escalation. Array index error in the applyrcschange function in rcs.c in CVS allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

Arbitrary Code Execution

openoffice.org is vulnerable to arbitrary code execution. The vulnerability exists as a heap-based buffer overflow flaw and an array index error were found in the way OpenOffice.org parsed certain Microsoft Office Word documents. An attacker could use these flaws to create a specially-crafted...

Arbitrary Code Execution

openoffice.org is vulnerable to arbitrary code execution. The vulnerability exists as an array index error and an integer signedness error were found in the way OpenOffice.org parsed certain Rich Text Format RTF files. An attacker could use these flaws to create a specially-crafted RTF file that,...

Arbitrary Code Execution

freetype is vulnerable to arbitrary code execution. The vulnerability exists through an array index error was found in the way the FreeType font rendering engine processed certain PostScript Type 42 font files. If a user loaded a specially-crafted font file with an application linked against...

Denial Of Service (DoS)

pango is vulnerable to denial of service. An input sanitization flaw, leading to an array index error, was found in the way the Pango font rendering library synthesized the Glyph Definition GDEF table from a font's character map and the Unicode property database. If an attacker created a...

Denial Of Service (DoS)

The kernel is vulnerable to Denial Of Service DoS. An array index error was found in the gdth driver. A local user could send a specially-crafted IOCTL request that would cause a denial of service or, possibly, privilege escalation...

CVE-2019-9162

It was found that there are insufficient ASN.1 sequence length checks a.k.a. an array index error in the Linux kernel in the snmpversion and snmphelper functions in the net/ipv4/netfilter/nfnatsnmpbasicmain.c in the nfnatsnmpbasic module making out-of-bounds read and write operations possible. An...

Huawei EulerOS: Security Advisory for cvs (EulerOS-SA-2019-1455)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1518)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-8366

Array index error in smaldecodesegment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes...

CVE-2015-8366

Array index error in smaldecodesegment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes...

ALPINE-CVE-2015-8366

Array index error in smaldecodesegment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes...