19 matches found
CVE-2026-59162
Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, Excelize parses shared-string cell values with strconv.Atoi and checks only the upper bound before indexing the shared string slice, allowing an XLSX file containing a shared-string cell with ...
CVE-2026-59162
The CVE concerns the Go-based Excelize library (v2.x) where, prior to 2.11.0, shared-string cell values could be indexed with -1, causing a panic in GetCellValue and GetRows. The issue stems from parsing shared-strings with strconv.Atoi and only an upper bound check before indexing the sharedStri...
EUVD-2025-176177
Malicious code in string-index-dog-abstract-simple npm...
kernel: wifi: brcmfmac: Check the return value of of_property_read_string_index()
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check the return value of ofpropertyreadstringindex Somewhen between 6.10 and 6.11 the driver started to crash on my MacBookPro14,3. The property doesn't exist and 'tmp' remains uninitialized, so we pass a random...
wifi: brcmfmac: Check the return value of of_property_read_string_index()
...
DEBIAN-CVE-2025-21750
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check the return value of ofpropertyreadstringindex Somewhen between 6.10 and 6.11 the driver started to crash on my MacBookPro14,3. The property doesn't exist and 'tmp' remains uninitialized, so we pass a random...
AZL-68976 CVE-2025-21750 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check the return value of ofpropertyreadstringindex Somewhen between 6.10 and 6.11 the driver started to crash on my MacBookPro14,3. The property doesn't exist and 'tmp' remains uninitialized, so we pass a random...
PT-2025-8862
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.10 through 6.11 Description A vulnerability in the Linux kernel has been identified, specifically in the brcmfmac driver. The issue arises when the of property read string index function returns an uninitialized value,...
GHSA-94W5-RF69-2H6C hson-java vulnerable to denial of service
An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service DoS via supplying a crafted JSON string to string a StringIndexOutOfBoundsException...
PT-2023-27072 · Unknown · Hjson-Java
Name of the Vulnerable Software and Affected Versions: hjson-java versions up to v3.0.0 Description: The issue allows attackers to cause a Denial of Service DoS via supplying a crafted JSON string. This can lead to a StringIndexOutOfBoundsException. Recommendations: For hjson-java versions up to...
SUSE CVE-2019-12972
An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in bfddoprnt in bfd.c because elfobjectp in elfcode.h mishandles an eshstrndx section of type SHTGROUP by omitting a trailing '\0' character...
Meta ReDex 缓冲区错误漏洞
Meta ReDex is an Android bytecode dex optimizer from Meta USA. Meta ReDex suffers from a security vulnerability that stems from the possibility of loading an out-of-bounds address when loading a string index table, which could allow remote code execution when processing third-party Android APK...
DEBIAN-CVE-2019-25043
ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index out of range" error and worker-process crash for a "Cookie: =abc" header...
Out-of-bounds
In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur...
CVE-2020-12247
In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur...
openSUSE Security Update : java-11-openjdk (openSUSE-2019-2565)
This update for java-11-openjdk to version jdk-11.0.5-10 fixes the following issues : Security issues fixed October 2019 CPU bsc1154212: - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Bett...
openSUSE Security Update : java-11-openjdk (openSUSE-2019-2557)
This update for java-11-openjdk to version jdk-11.0.5-10 fixes the following issues : Security issues fixed October 2019 CPU bsc1154212: - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Bett...
Security update for java-11-openjdk (important)
openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:2557-1 Rating: important References: 1152856 1154212 Cross-References: CVE-2019-2894 CVE-2019-2933 CVE-2019-2945 CVE-2019-2949 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975...
Failed to update listener certificate in XMS 10.6
While importing renewed SSL listener certificate on XMS 10.6 following error is observed on XMS debug logs. 2017-06-22T11:47:55.251+0300 | A7B895C5041828EC | INFO | http-nio-14443-exec-7 | com.citrix.controlpoint.rest.CertificateMgmtResource | Uploading certificate to be used As : listener . none...