378 matches found
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the AMF process. An attacker can cause the service to crash and disrupt network operations by sending a specially crafted NAS Registration Request containing a malformed 5GS Mobile Identity...
Amazon Linux 2 : fontforge, --advisory ALAS2-2026-3164 (ALAS-2026-3164)
The version of fontforge installed on the remote host is prior to 20120731b-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3164 advisory. FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows...
Important: fontforge
Issue Overview: FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the flow.cuda.getdeviceproperties function. An attacker can cause the application to crash or become unresponsive by supplying an invalid or negative device index. Remediation There is no fixed...
CVE-2026-0529
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the MongoDB protocol parser. An attacker can cause buffer overflows by sending specially crafted network traffic to a monitored network interface where MongoDB protocol parsing is enabled...
CVE-2026-0529
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
CVE-2026-0529
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
CVE-2026-0529 Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers
Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
CVE-2026-0529
CVE-2026-0529 affects Elastic Beats Packetbeat MongoDB protocol parser. Affected software: Elastic Beats (Packetbeat) versions 7.x, 8.x before 8.19.10, and 9.x before 9.1.10 or 9.2.4. Root cause: Improper validation of array index (CWE-129) in the MongoDB protocol parser, which can permit buffer ...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the Graphite or Zookeeper server metricsets and the Prometheus helper module. An attacker can cause a service disruption by sending specially crafted, malformed payloads or metric data. Remediation...
Metricbeat affected by multiple denial of service vulnerabilities
Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...
CVE-2026-0528
Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...
CVE-2026-0528 Improper Input Validation in Metricbeat Leading to Denial of Service
Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...
Elastic Metricbeat 安全漏洞
Elastic Metricbeat is a metrics collector from the Dutch company Elastic. A security vulnerability exists in Elastic Metricbeat that stems from improper array index validation and insufficient input validation, which could lead to a denial of service by an attacker via specially crafted malformed...
CVE-2022-33302
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length...
CVE-2022-33256
Memory corruption due to improper validation of array index in Multi-mode call processor...
CVE-2022-33274
Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication...
CVE-2022-33275
Memory corruption due to improper validation of array index in WLAN HAL when received lmitemNum is out of range...
SUSE CVE-2025-15271
FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit ...