Important: fontforge

Issue Overview: FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the flow.cuda.getdeviceproperties function. An attacker can cause the application to crash or become unresponsive by supplying an invalid or negative device index. Remediation There is no fixed...

CVE-2026-0529

Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the MongoDB protocol parser. An attacker can cause buffer overflows by sending specially crafted network traffic to a monitored network interface where MongoDB protocol parsing is enabled...

CVE-2026-0529

Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...

CVE-2026-0529

Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...

CVE-2026-0529

CVE-2026-0529 affects Elastic Beats Packetbeat MongoDB protocol parser. Affected software: Elastic Beats (Packetbeat) versions 7.x, 8.x before 8.19.10, and 9.x before 9.1.10 or 9.2.4. Root cause: Improper validation of array index (CWE-129) in the MongoDB protocol parser, which can permit buffer ...

CVE-2026-0529 Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers

Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the Graphite or Zookeeper server metricsets and the Prometheus helper module. An attacker can cause a service disruption by sending specially crafted, malformed payloads or metric data. Remediation...

Metricbeat affected by multiple denial of service vulnerabilities

Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...

CVE-2026-0528

Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...

CVE-2026-0528 Improper Input Validation in Metricbeat Leading to Denial of Service

Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...

Elastic Metricbeat 安全漏洞

Elastic Metricbeat is a metrics collector from the Dutch company Elastic. A security vulnerability exists in Elastic Metricbeat that stems from improper array index validation and insufficient input validation, which could lead to a denial of service by an attacker via specially crafted malformed...

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length...

CVE-2022-33256

Memory corruption due to improper validation of array index in Multi-mode call processor...

CVE-2022-33274

Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication...

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lmitemNum is out of range...

SUSE CVE-2025-15271

FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit ...

CVE-2025-47393 Improper Validation of Array Index in Automotive Linux OS

Memory corruption when accessing resources in kernel driver...

CVE-2025-47393

CVE-2025-47393 involves memory corruption when accessing resources in a kernel driver. Multiple feeds (NVD, Red Hat, CVE lists, CIRCL, CNNVD) reiterate the issue as memory corruption in kernel driver access, with Qualcomm chipsets repeatedly cited in related items. The available data list an atta...