CVE-2026-43274

A flaw was found in the Linux kernel's mailbox subsystem, specifically within the mchp-ipc-sbi component. This vulnerability involves an out-of-bounds access in the mchpipcgetclusteraggrirq function. The clustercfg array, which holds per-CPU configuration structures, was incorrectly indexed using...

CVE-2026-43034

A flaw was found in the bnxten driver within the Linux kernel. This vulnerability arises from the bnxthwrmfuncbackingstoreqcapsv2 function using an incorrect type value from the firmware response to index internal data arrays. This improper indexing could lead to memory corruption, potentially...

PT-2025-53167

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.15.0-48 Description The Linux kernel contains a flaw within the ixgbe driver related to handling XDP TX operations on systems with more than 64 CPUs. A kernel panic can occur due to an array-index-out-of-bounds...

CVE-2025-39975 smb: client: fix wrong index reference in smb2_compound_op()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix wrong index reference in smb2compoundop In smb2compoundop, the loop that processes each command's response uses wrong indices when accessing response bufferes. This incorrect indexing leads to improper handling o...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD CVE-2024-49994 In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path CVE-2024-50014 In the Linux...

CVE-2024-54137

A flaw was found in the liboqs library. A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, part of the secret key is incorrectly treated as non-secret data. This issue results in an incorrect shared secret valu...

CVE-2024-54137

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, part of the secret key is incorrectly treat...

liboqs 信息泄露漏洞

liboqs is an Open Quantum Safe open source C library for quantum-safe cryptographic algorithms. An information disclosure vulnerability exists in versions of liboqs prior to 0.12.0 that stems from an indexing error where part of the key is incorrectly treated as non-secret data, resulting in the...

The vulnerability of the ltc2991_is_visible() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ltc2991isvisible function in the Linux operating system’s kernel is related to an indexing calculation error. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the dbMount function (fs/jfs/jfs_dmap.c) in the Linux operating system allows a local attacker to execute arbitrary code.

The vulnerability of the dbMount function fs/jfs/jfsdmap.c in the jfs file system of the Linux operating system is related to the issue where writing operations go beyond the array boundaries when indexing is performed, especially when attempting to mount a faulty file system with an incorrect...

The vulnerability of the tinyexr::SaveEXR component in the OpenEXR Tinyexr image processing library allows a attacker to cause a service failure.

The vulnerability of the tinyexr::SaveEXR component in the OpenEXR Tinyexr processing library is related to an error in the array indexing mechanism. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

The vulnerability in the tinyexr::DecodeEXRImage component of the OpenEXR Tinyexr processing library allows a attacker to cause a service failure.

The vulnerability of the tinyexr::DecodeEXRImage component in the OpenEXR Tinyexr processing library is related to an error in the array indexing mechanism. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

PT-2022-11306 · V2Fly +1 · V2Ray-Core +1

Name of the Vulnerable Software and Affected Versions: v2fly/v2ray-core versions prior to 4.44.0 Description: The issue is related to an off-by-one error in indexing operations on arrays, slices, or strings. This error occurs when the index is checked for being less than or equal to the length =,...

tinyexr Denial of Service Vulnerability (CNVD-2021-94957)

tinyexr is a small library for loading and saving OpenEXR .exr images. tinyexr version 0.9.5 suffers from a denial-of-service vulnerability. The vulnerability stems from an array indexing error in the tinyexr::SaveEXR component. An attacker could exploit this vulnerability to cause a denial of...

tinyexr denial of service vulnerability

tinyexr is a small library for loading and saving OpenEXR .exr images. tinyexr version 0.9.5 suffers from a denial-of-service vulnerability. The vulnerability stems from an array indexing error in the tinyexr::DecodeEXRImage component. An attacker could exploit this vulnerability to cause a denia...

tinyexr commit 输入验证错误漏洞

tinyexr is a small library for loading and saving OpenEXR .exr images. tinyexr version 0.9.5 suffers from a denial-of-service vulnerability. The vulnerability stems from an array indexing error in the tinyexr::SaveEXR component. An attacker could exploit this vulnerability to cause a denial of...

The vulnerability of Linux software’s kernel graphics processor drivers from Qualcomm, related to array indexing errors, allows attackers to execute arbitrary code.

The vulnerability of the graphics processor driver of the Linux operating system software developed by Qualcomm is related to array indexing errors. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists through multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mo...

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists as multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov fil...

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists as multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov fil...