Lucene search
K

379 matches found

RedhatCVE
RedhatCVE
added 2025/09/08 5:31 p.m.2 views

CVE-2024-21970

Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity...

4.4CVSS6.7AI score0.00126EPSS
Exploits0References1
NVD
NVD
added 2025/09/06 6:15 p.m.15 views

CVE-2024-21970

Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity...

4.4CVSS0.00126EPSS
Exploits0References2
CVE
CVE
added 2025/09/06 5:20 p.m.15 views

CVE-2024-21970

CVE-2024-21970 describes improper validation of an array index in the AND power Management Firmware, causing possible AGESA memory corruption and loss of integrity when exploited by a privileged attacker. Connected documents identify affected AMD Client Processor platforms and indicate mitigation...

4.4CVSS6.1AI score0.00126EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/06 5:20 p.m.11 views

CVE-2024-21970

Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity...

4.4CVSS0.00126EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/06 5:20 p.m.2 views

CVE-2024-21970

Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity...

4.4CVSS6AI score0.00126EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/06 4:26 p.m.4 views

CVE-2023-31306

Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management DPM functions resulting in an out of bounds read and loss of availability...

3.3CVSS6.3AI score0.00114EPSS
Exploits0References1
CVE
CVE
added 2025/09/06 4:26 p.m.25 views

CVE-2023-31306

CVE-2023-31306 concerns the AMD graphics driver software and its dynamic power management (DPM) handling. The root cause is improper validation of an array index, which can enable passing malformed arguments to DPM functions, causing an out-of-bounds read and resulting in loss of availability. Th...

3.3CVSS6.3AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/06 12:0 a.m.5 views

AMD Embedded Processors和AMD Client Processor 安全漏洞

AMD Embedded Processors and AMD Client Processor are both products of AMD Semiconductor, Inc.AMD Embedded Processors are a family of embedded high-performance GPUs.AMD Client Processor is a processor for client devices such as personal computers, AMD Embedded Processors and AMD Client Processors...

4.4CVSS6.6AI score0.00126EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/03 12:0 a.m.4 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the decodearrayindexfrompointer function when processing crafted JSON pointer strings. An attacker can cause a denial of service and unexpected behavior by supplying inputs with non-digit character...

9.8CVSS6.8AI score0.00693EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-1237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more...

7.8CVSS7.2AI score0.00827EPSS
Exploits1References2
CNVD
CNVD
added 2025/08/18 12:0 a.m.3 views

Huawei HarmonyOS audio codec module array index improper validation vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improper array index validation vulnerability exists in the Huawei HarmonyOS audio codec module, which can be exploited by an attacker to cause audio...

5.3CVSS6.8AI score0.00149EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/08/07 12:0 a.m.9 views

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to perform a spoofing attack or cause a system failure.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to improper validation of the array index. Exploiting this vulnerability can allow an attacker to perform a spoofing attack or cause service failures...

7.1CVSS5.4AI score0.00182EPSS
Exploits0References3Affected Software3
Vulnrichment
Vulnrichment
added 2025/08/06 7:26 a.m.5 views

CVE-2025-27075 Improper Validation of Array Index in Bluetooth HOST

Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host...

7.8CVSS7.1AI score0.00087EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/06 7:26 a.m.9 views

CVE-2025-27067 Improper Validation of Array Index in DSP Service

Memory corruption while processing DDI call with invalid buffer...

7.8CVSS0.00087EPSS
Exploits0References1
CVE
CVE
added 2025/08/06 7:26 a.m.17 views

CVE-2025-27067

CVE-2025-27067 is described as memory corruption that occurs while processing a DDI call with an invalid buffer. The entry is linked to Qualcomm chipsets (DSP service) and is scored CVSS v3.1: Local attack, Low attack complexity, Privileges required, no user interaction, with high impact on confi...

7.8CVSS6.8AI score0.00087EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/11 7:20 a.m.15 views

CVE-2025-5866

A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function syssigprocmask of the file rt-thread/components/lwp/lwpsyscall.c. The manipulation of the argument how leads to improper validation of array index...

9.8CVSS7.9AI score0.00758EPSS
Exploits1References1
NVD
NVD
added 2025/06/09 8:15 a.m.52 views

CVE-2025-5868

A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function systhreadsigprocmask of the file rt-thread/components/lwp/lwpsyscall.c. The manipulation of the argument how leads to improper validation of array index...

9.8CVSS0.01018EPSS
Exploits1References4
NVD
NVD
added 2025/06/09 7:15 a.m.39 views

CVE-2025-5866

A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function syssigprocmask of the file rt-thread/components/lwp/lwpsyscall.c. The manipulation of the argument how leads to improper validation of array index...

9.8CVSS0.00758EPSS
Exploits1References4
OSV
OSV
added 2025/06/09 7:0 a.m.4 views

CVE-2025-5866 RT-Thread lwp_syscall.c sys_sigprocmask array index

A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function syssigprocmask of the file rt-thread/components/lwp/lwpsyscall.c. The manipulation of the argument how leads to improper validation of array index...

8.6CVSS5.6AI score0.00758EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/05/28 2:51 p.m.13 views

CVE-2025-3357 IBM Tivoli Monitoring code execution

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array...

9.8CVSS7.8AI score0.00824EPSS
Exploits0References1
Rows per page
Query Builder