WordPress plugin ProSolution WP Client 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

OpenSTAManager SQL注入漏洞

OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager prior to v2.9.8 contained a SQL injection vulnerability. This vulnerability stemmed from insufficient validation of the idrecords array in the batch operation...

EUVD-2017-2310

Malware in sbrugna...

CVE-2025-21777 ring-buffer: Validate the persistent meta data subbuf array

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Validate the persistent meta data subbuf array The meta data for a mapped ring buffer contains an array of indexes of all the subbuffers. The first entry is the reader page, and the rest of the entries lay out the...

CVE-2023-31307

Improper validation of array index in Power Management Firmware PMFW may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service...

libigl 安全漏洞

libigl is a simple C++ geometry processing library open-sourced by libigl. A security vulnerability exists in libigl version v2.5.0, which stems from incorrect array index validation. An attacker exploits the vulnerability to cause an out-of-bounds write via a specially crafted .msh file...

CVE-2023-31194

An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...

UBUNTU-CVE-2022-38072

An improper array index validation vulnerability exists in the stlfixnormaldirections functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Cross-Site Scripting (XSS)

edge.js is vulnerable to cross-site scripting. A lack of validation of type when an attacker inputs an array regardless of the use of instead of a string allows an attacker to inject and execute malicious script...

CVE-2020-25793

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with From...

Input validation

Out of bounds read occurs due to improper validation of array while processing VDEV stop response from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...

CVE-2018-5903

Out of bounds read occurs due to improper validation of array while processing VDEV stop response from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...

CVE-2018-5903

CVE-2018-5903 is an out-of-bounds read caused by improper validation of an array when processing the VDEV stop response in Qualcomm WLAN firmware (qcacld 3.0). Affected products span Qualcomm/Snapdragon platforms including Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapd...

Laravel 5.4 Cross Site Scripting

Exploit Title: Laravel non-presistent XSS in validation of arrays Date: 06/03/2017 Exploit Author: MaHDyfo mahdyfofthe at signgmail.com Vendor Homepage: laravel.com Version: 5.4 In Laravel validation rules, assume that you set a rule to get an array input. $this-validate$request, 'lessons' =...

Design/Logic Flaw

Microsoft Publisher 2003 SP3 does not properly validate the size of an unspecified array, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Negative Value Allocation Vulnerability."...