Lucene search
10811 matches found

RedhatCVE
added 2025/11/23 4:28 p.m. | 2 views

CVE-2025-13120

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sort_cmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...

CVSS 5.5 | AI score 6.4 | EPSS 0.00016
Exploits: 0 | References: 1
OSV
added 2025/11/21 7:16 p.m. | 4 views

CLSA-2025-1763731262 kernel: Fix of 63 CVEs

media: bttv: fix use after free error due to btv->timeout timer CVE-2023-52847 - firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails CVE-2022-50087 - wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 - vsock:...

CVSS 7.8 | AI score 7.1 | EPSS 0.00148
Exploits: 4 | References: 1
EUVD
added 2025/11/21 6:02 p.m. | 1 view

EUVD-2025-198501

MLX has heap-buffer-overflow in load...

CVSS 6.9 | AI score 6.4 | EPSS 0.00089
Exploits: 1 | References: 5
OSV
added 2025/11/21 3:59 p.m. | 1 view

JLSEC-2025-213 An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS)

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate...

CVSS 7.5 | AI score 7.4 | EPSS 0.00518
Exploits: 1 | References: 7
OSV
added 2025/11/21 2:19 p.m. | 4 views

CLSA-2025-1763734783 kernel: Fix of 64 CVEs

media: bttv: fix use after free error due to btv->timeout timer CVE-2023-52847 - firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails CVE-2022-50087 - wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 - vsock: Fix transport TOCTOU CVE-2025-38461 - ALSA:...

CVSS 7.8 | AI score 7.1 | EPSS 0.00148
Exploits: 4 | References: 1
Snyk
added 2025/11/20 9:23 p.m. | 2 views

Improper Validation of Array Index

Overview: vllm is a high-throughput and memory-efficient inference and serving engine for LLMs. Affected versions of this package are vulnerable to Improper Validation of Array Index via the MultiModalDataParser input processor. An attacker can cause the engine to crash by submitting multimodal...

CVSS 8.3 | AI score 6.7 | EPSS 0.00089
Exploits: 0 | References: 2
Snyk
added 2025/11/20 6:31 p.m. | 2 views

Improper Validation of Array Index

Overview: Affected versions of this package are vulnerable to Improper Validation of Array Index in the fs/diriterate/diriterate.go:Next function. An attacker can cause the application to crash by triggering a filesystem traversal fallback path that leads to an over-indexing of an empty slice when...

CVSS 4.8 | AI score 6.8 | EPSS 0.00016
Exploits: 0 | References: 2
Veracode
added 2025/11/20 5:39 a.m. | 5 views

Denial-of-service (DoS)

github.com/argoproj/argo-cd is vulnerable to denial-of-service (DoS). The vulnerability is due to Argo CD’s /api/webhook endpoint accessing an array index without validating its length, which allows an attacker to crash the argocd-server process using a single unauthenticated HTTP POST with an...

CVSS 7.5 | AI score 7.1 | EPSS 0.00047
Exploits: 1 | References: 5 | Affected Software: 2
Tenable Nessus
added 2025/11/20 12:00 a.m. | 4 views

TencentOS Server 3: postgresql:10 (TSSA-2023:0321)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0321 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 8.8 | AI score 8.3 | EPSS 0.01608
Exploits: 0 | References: 2
Tenable Nessus
added 2025/11/20 12:00 a.m. | 3 views

TencentOS Server 4: ffmpeg (TSSA-2024:0567)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0567 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 9.8 | AI score 7.2 | EPSS 0.02806
Exploits: 10 | References: 29
Microsoft CVE
added 2025/11/19 1:02 a.m. | 6 views

mruby array.c sort_cmp use after free

...

CVSS 5.5 | AI score 7 | EPSS 0.00016
Exploits: 0
Microsoft CVE
added 2025/11/19 1:01 a.m. | 2 views

bpf: fix potential 32-bit overflow when accessing ARRAY map element

...

CVSS 5.5 | AI score 6.9 | EPSS 0.00049
Exploits: 0
Tenable Nessus
added 2025/11/18 12:00 a.m. | 2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56598)

jfs: array-index-out-of-bounds fix in dtReadFirst. The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appropriate return of error code in that case. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

CVSS 7.8 | AI score 6.8 | EPSS 0.00011
Exploits: 0 | References: 4
Tenable Nessus
added 2025/11/18 12:00 a.m. | 3 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Validation of Array Index (CVE-2024-56785)

MIPS: Loongson64: DTS: issues with PCIe port nodes for ls7a. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. #%NASL_MIN_LEVEL 80900 # (C) Tenable, Inc. include('compat.inc'); if (description) { script_id(504762); script_version("1.2");...

CVSS 5.5 | AI score 6.8 | EPSS 0.00026
Exploits: 0 | References: 3
Tenable Nessus
added 2025/11/18 12:00 a.m. | 2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42148)

bnx2x: multiple UBSAN array-index-out-of-bounds. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. #%NASL_MIN_LEVEL 80900 # (C) Tenable, Inc. include('compat.inc'); if (description) { script_id(504470); script_version("1.2");...

CVSS 7.8 | AI score 6.9 | EPSS 0.00013
Exploits: 0 | References: 4
Tenable Nessus
added 2025/11/18 12:00 a.m. | 4 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56596)

jfs: array-index-out-of-bounds in jfs_readdir. The stbl might contain some invalid values. Added a check to return error code in that case. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. #%NASL_MIN_LEVEL 80900 # (C) Tenable, Inc...

CVSS 7.8 | AI score 6.8 | EPSS 0.00011
Exploits: 0 | References: 4
Tenable Nessus
added 2025/11/18 12:00 a.m. | 2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56595)

jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree. When the value of lp is 0 at the beginning of the for loop, it will become negative in the next assignment and we should bail out. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot f...

CVSS 7.8 | AI score 6.8 | EPSS 0.00011
Exploits: 0 | References: 4
SUSE CVE
added 2025/11/14 12:25 a.m. | 1 view

SUSE CVE-2025-40118

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod. Since commit f7b705c238d1 ("scsi: pm80xx: Set phy_attached to zero when device is gone") UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001_sas.c:786:...

CVSS 6.1 | AI score 6.3 | EPSS 0.00058
Exploits: 0 | References: 20
SUSE CVE
added 2025/11/14 12:24 a.m. | 1 view

SUSE CVE-2025-40180

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop. The cleanup loop was starting at the wrong array index, causing out-of-bounds access. Start the loop at the correct index for zero-indexed arrays to prevent...

CVSS 6.3 | AI score 6.5 | EPSS 0.00024
Exploits: 0 | References: 20
EUVD
added 2025/11/13 6:31 p.m. | 2 views

EUVD-2025-175315

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sort_cmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...

CVSS 5.3 | AI score 5 | EPSS 0.00016
Exploits: 0 | References: 8