CWE:
 

Topic
Date
Author
High
FreeBSD Kernel Crash / Code Execution / Disclosure
28.01.2015
CoreLabs
High
Oracle VirtualBox 3D Acceleration Memory Corruption
12.03.2014
Core
High
Android MSM camera driver for the Linux kernel 3.x Buffer Overflow
14.01.2014
quicinc
High
SAP Netweaver Message Server Buffer Overflow
16.02.2013
Martin Gallo and

CVEMAP Search Results

CVE
Details
Description
2022-04-14
Medium
CVE-2021-21949
Vendor: Accusoft
Software: Imagegear
 
 
An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code exectuion. An attacker can provide a malicious file to trigger this vulnerability.

 
2022-04-06
Medium
CVE-2022-1237
Vendor: Radare
Software: Radare2
 
 
Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).

 
2022-03-16
Medium
CVE-2022-27223
Vendor: Linux
Software: Linux kernel
 
 
In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.

 
2022-02-11
Medium
CVE-2021-30325
Updating...
 
 
Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

 
2022-01-24
Low
CVE-2021-35005
Vendor: Teamviewer
Software: Teamviewer
 
 
This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-13818.

 
2021-12-07
Medium
CVE-2021-37062
Vendor: Huawei
Software: Harmonyos
 
 
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage.

 
High
CVE-2021-37057
Vendor: Huawei
Software: Harmonyos
 
 
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to restart the phone.

 
2021-11-12
Medium
CVE-2021-30255
Updating...
 
 
Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

 
2021-10-27
Low
CVE-2021-1117
Vendor: Nvidia
Software: Gpu display ...
 
 
Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service.

 
2021-08-11
Medium
CVE-2021-38563
Vendor: Foxitsoftware
Software: Pdf editor
 
 
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It mishandles situations in which an array size (derived from a /Size entry) is smaller than the maximum indirect object number, and thus there is an attempted incorrect array access (leading to a NULL pointer dereference, or out-of-bounds read or write).

 

 

Copyright 2022, cxsecurity.com

 

Back to Top