Vulnerabilities (CVE)

Filtered by CWE-129
Total 316 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-2214 2024-06-10 N/A 7.0 HIGH
In Eclipse ThreadX before version 6.4.0, the _Mtxinit() function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/tx_clib_lock.c
CVE-2024-22181 2024-06-10 N/A 7.8 HIGH
An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2023-36308 1 Disintegration 1 Imaging 2024-06-10 N/A 5.5 MEDIUM
disintegration Imaging 1.6.2 allows attackers to cause a panic (because of an integer index out of range during a Grayscale call) via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence
CVE-2023-27349 2024-06-10 N/A 7.1 HIGH
BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19908.
CVE-2023-6298 1 Itextpdf 1 Itext 2024-05-17 5.0 MEDIUM 6.5 MEDIUM
A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability affects the function main of the file PdfDocument.java. The manipulation leads to improper validation of array index. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier of this vulnerability is VDB-246124. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. A statement published afterwards explains that the exception is not a vulnerability and the identified CWEs might not apply to the software.
CVE-2023-36307 1 Simonwaldherr 1 Zplgfa 2024-05-17 N/A 5.5 MEDIUM
ZPLGFA 1.1.1 allows attackers to cause a panic (because of an integer index out of range during a ConvertToGraphicField call) via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence
CVE-2023-40477 2024-05-03 N/A 7.8 HIGH
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21233.
CVE-2023-28573 1 Qualcomm 398 315 5g Iot, 315 5g Iot Firmware, Aqt1000 and 395 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in WLAN HAL while parsing WMI command parameters.
CVE-2023-28567 1 Qualcomm 582 315 5g Iot, 315 5g Iot Firmware, Aqt1000 and 579 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVE-2023-28565 1 Qualcomm 588 9205 Lte, 9205 Lte Firmware, Apq8017 and 585 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
CVE-2023-28558 1 Qualcomm 398 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 395 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
CVE-2023-28557 1 Qualcomm 556 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 553 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
CVE-2023-28548 1 Qualcomm 366 Aqt1000, Aqt1000 Firmware, Ar8035 and 363 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.
CVE-2023-24850 1 Qualcomm 412 Apq5053-aa, Apq5053-aa Firmware, Apq8017 and 409 more 2024-04-12 N/A 7.8 HIGH
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.
CVE-2023-21650 1 Qualcomm 102 Aqt1000, Aqt1000 Firmware, Csrb31024 and 99 more 2024-04-12 N/A 7.8 HIGH
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.
CVE-2023-21636 1 Qualcomm 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more 2024-04-12 N/A 7.8 HIGH
Memory Corruption due to improper validation of array index in Linux while updating adn record.
CVE-2022-40539 1 Qualcomm 50 Qam8295p, Qam8295p Firmware, Qca6574au and 47 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in Automotive Android OS due to improper validation of array index.
CVE-2022-40537 1 Qualcomm 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more 2024-04-12 N/A 9.8 CRITICAL
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
CVE-2022-40534 1 Qualcomm 26 Snapdragon W5\+ Gen 1 Wearable Platform, Snapdragon W5\+ Gen 1 Wearable Platform Firmware, Sw5100 and 23 more 2024-04-12 N/A 7.8 HIGH
Memory corruption due to improper validation of array index in Audio.
CVE-2022-33302 1 Qualcomm 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 447 more 2024-04-12 N/A 7.8 HIGH
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.