CWE:
 

Tytuł
Data
Autor
High
FreeBSD Kernel Crash / Code Execution / Disclosure
28.01.2015
CoreLabs
High
Oracle VirtualBox 3D Acceleration Memory Corruption
12.03.2014
Core
High
Android MSM camera driver for the Linux kernel 3.x Buffer Overflow
14.01.2014
quicinc
High
SAP Netweaver Message Server Buffer Overflow
16.02.2013
Martin Gallo and


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-01-24
Waiting for details
CVE-2021-35005

Updating...
 

 
This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-13818.

 
2021-12-07
High
CVE-2021-37057

Vendor: Huawei
Software: Harmonyos
 

 
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to restart the phone.

 
Medium
CVE-2021-37062

Vendor: Huawei
Software: Harmonyos
 

 
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage.

 
2021-11-12
Medium
CVE-2021-30255

Updating...
 

 
Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

 
2021-10-27
Low
CVE-2021-1117

Vendor: Nvidia
Software: Gpu display ...
 

 
Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service.

 
2021-08-11
Medium
CVE-2021-38563

Vendor: Foxitsoftware
Software: Pdf editor
 

 
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It mishandles situations in which an array size (derived from a /Size entry) is smaller than the maximum indirect object number, and thus there is an attempted incorrect array access (leading to a NULL pointer dereference, or out-of-bounds read or write).

 
Medium
CVE-2020-28589

Vendor: Tinyobjloader project
Software: Tinyobjloader
 

 
An improper array index validation vulnerability exists in the LoadObj functionality of tinyobjloader v2.0-rc1 and tinyobjloader development commit 79d4421. A specially crafted file could lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

 
2021-07-26
Medium
CVE-2020-18430

Vendor: Tinyexr project
Software: Tinyexr
 

 
tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DOS).

 
Medium
CVE-2020-18428

Vendor: Tinyexr project
Software: Tinyexr
 

 
tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DOS).

 
2021-07-13
High
CVE-2020-11307

Updating...
 

 
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

 

 


Copyright 2022, cxsecurity.com

 

Back to Top