CVE-2024-47796

An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-47796

CVE-2024-47796 is an out-of-bounds write in OFFIS DCMTK 3.6.8’s nowindow functionality caused by improper array index validation when parsing a crafted DICOM file. A malicious file can trigger this vulnerability, with local attack vector and high impact on confidentiality, integrity, and availabi...

CVE-2024-52333

An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-47796

An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

OFFIS DCMTK determineMinMax improper array index validation vulnerability

Talos Vulnerability Report TALOS-2024-2121 OFFIS DCMTK determineMinMax improper array index validation vulnerability January 13, 2025 CVE Number CVE-2024-52333 SUMMARY An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially...

OFFIS DCMTK nowindow improper array index validation vulnerability

Talos Vulnerability Report TALOS-2024-2122 OFFIS DCMTK nowindow improper array index validation vulnerability January 13, 2025 CVE Number CVE-2024-47796 SUMMARY An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM fi...

CVE-2024-45550 Improper Validation of Array Index in DSP Services

Memory corruption occurs when invoking any IOCTL-calling application that executes all MCDM driver IOCTL calls...

CVE-2024-45550

CVE-2024-45550 involves memory corruption when an IOCTL-calling application executes all MCDM driver IOCTL calls on Qualcomm chipsets. The affected component is the MCDM driver IOCTL interface; root cause is memory corruption triggered by IOCTL invocation patterns. Reported impact includes high c...

PT-2025-2931

Name of the Vulnerable Software and Affected Versions OFFIS DCMTK version 3.6.8 Description An improper array index validation issue exists in the determineMinMax functionality. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger...

CVE-2024-47249

CVE-2024-47249 affects Apache NimBLE up to version 1.7.0. The issue is improper validation of array indices for HCI events from the Bluetooth controller, which can cause out-of-bounds memory corruption and crashes. Upgrading to NimBLE 1.8.0 is recommended and fixes the issue. No exploitation deta...

BlueZ: Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability

A vulnerability was found in the BlueZ Audio Profile AVRCP, stemming from the improper validation of array indices. This flaw resides in the AVRCP protocol handling and arises due to inadequate validation of user-supplied data. Consequently, it may lead to writing beyond the bounds of an allocate...

Linux Kernel nftables Improper Validation of Array Index Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

CVE-2023-31307

Improper validation of array index in Power Management Firmware PMFW may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service...

CVE-2024-5680

CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...

CVE-2024-21522

All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions it is not checked for negative values. This can lead to a process crash...

Audify.js Security Vulnerability

Audify.js is an application by the individual developer Almog Hamdani. It is used to play, stream, and record PCM audio data, and encode and decode Opus into PCM audio data. Audify.js suffers from a security vulnerability that stems from vulnerability to improper validation of array indexes, whic...

SUSE-SU-2024:2380-1 Security update for ppp

This update for ppp fixes the following issues: - CVE-2022-4603: Fixed improper validation of array index of the component pppdump bsc1218251...

PT-2024-5155 · Unknown · Foxboro.Sys

Name of the Vulnerable Software and Affected Versions: Foxboro.sys driver affected versions not specified Description: The issue is related to an Improper Validation of Array Index, which could cause a local denial-of-service when a malicious actor with local user access crafts a script or progra...

PT-2024-24758 · Samsung · Walrus

Name of the Vulnerable Software and Affected Versions: Walrus versions before 72c7230f32a0b791355bbdfc78669701024b0956 Description: The issue is related to an Improper Validation of Array Index in the Samsung Open Source Walrus Webassembly runtime engine, which can cause a segmentation fault...

SAMSUNG WALRUS Security Vulnerability

SAMSUNG WALRUS is a project of the South Korean company Samsung SAMSUNG. It aims to provide a lightweight WebAssembly runtime engine. A security vulnerability exists in SAMSUNG WALRUS that stems from improper array index validation leading to a segmentation error...