Total
501 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-1997 | 2 Redhat, X | 2 Enterprise Linux, Libx11 | 2025-04-11 | N/A |
| Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions. | ||||
| CVE-2013-1763 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-11 | N/A |
| Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message. | ||||
| CVE-2022-42254 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2025-04-10 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure. | ||||
| CVE-2022-33274 | 1 Qualcomm | 22 Qam8295p, Qam8295p Firmware, Qca6574au and 19 more | 2025-04-09 | 8.4 High |
| Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication. | ||||
| CVE-2007-5756 | 1 Winpcap | 1 Winpcap | 2025-04-09 | N/A |
| Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests. | ||||
| CVE-2009-3080 | 7 Canonical, Debian, Linux and 4 more | 16 Ubuntu Linux, Debian Linux, Linux Kernel and 13 more | 2025-04-09 | N/A |
| Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. | ||||
| CVE-2025-21423 | 2025-04-08 | 7.8 High | ||
| Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. | ||||
| CVE-2023-22401 | 1 Juniper | 2 Junos, Junos Os Evolved | 2025-04-07 | 7.5 High |
| An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On the PTX10008 and PTX10016 platforms running Junos OS or Junos OS Evolved, when a specific SNMP MIB is queried this will cause a PFE crash and the FPC will go offline and not automatically recover. A system restart is required to get the affected FPC in an operational state again. This issue affects: Juniper Networks Junos OS 22.1 version 22.1R2 and later versions; 22.1 versions prior to 22.1R3; 22.2 versions prior to 22.2R2. Juniper Networks Junos OS Evolved 21.3-EVO version 21.3R3-EVO and later versions; 21.4-EVO version 21.4R1-S2-EVO, 21.4R2-EVO and later versions prior to 21.4R2-S1-EVO; 22.1-EVO version 22.1R2-EVO and later versions prior to 22.1R3-EVO; 22.2-EVO versions prior to 22.2R1-S1-EVO, 22.2R2-EVO. | ||||
| CVE-2023-22408 | 1 Juniper | 4 Junos, Srx5400, Srx5600 and 1 more | 2025-04-07 | 7.5 High |
| An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an attacker sends an SIP packets with a malformed SDP field then the SIP ALG can not process it which will lead to an FPC crash and restart. Continued receipt of these specific packets will lead to a sustained Denial of Service. This issue can only occur when both below mentioned conditions are fulfilled: 1. Call distribution needs to be enabled: [security alg sip enable-call-distribution] 2. The SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. To confirm whether SIP ALG is enabled on SRX, and MX with SPC3 use the following command: user@host> show security alg status | match sip SIP : Enabled This issue affects Juniper Networks Junos OS on SRX 5000 Series: 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R1-S1, 22.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1. | ||||
| CVE-2025-21447 | 2025-04-07 | 7.8 High | ||
| Memory corruption may occur while processing device IO control call for session control. | ||||
| CVE-2003-0721 | 2 Redhat, Washington | 3 Enterprise Linux, Linux, Pine | 2025-04-03 | N/A |
| Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. | ||||
| CVE-2005-0369 | 1 Armagetronad | 2 Armagetron, Armagetron Advanced | 2025-04-03 | 5.3 Medium |
| Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claim_id, which exceeds the boundaries of an array. | ||||
| CVE-2024-41564 | 1 Emilyploszaj | 1 Emi | 2025-03-26 | 4.3 Medium |
| EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in EMI mod for Minecraft, which allows in-game item duplication. | ||||
| CVE-2022-47348 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 4 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47345 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47344 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47343 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47342 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47347 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-25 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47346 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-25 | 4 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||