Total
327 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40537 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-04-12 | 9.8 Critical |
| Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. | ||||
| CVE-2022-40534 | 1 Qualcomm | 26 Snapdragon W5\+ Gen 1 Wearable Platform, Snapdragon W5\+ Gen 1 Wearable Platform Firmware, Sw5100 and 23 more | 2024-04-12 | 7.8 High |
| Memory corruption due to improper validation of array index in Audio. | ||||
| CVE-2022-33302 | 1 Qualcomm | 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 447 more | 2024-04-12 | 7.8 High |
| Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | ||||
| CVE-2022-33289 | 1 Qualcomm | 452 315 5g Iot Modem, 315 5g Iot Modem Firmware, 7wcn785x-1 and 449 more | 2024-04-12 | 6.8 Medium |
| Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | ||||
| CVE-2022-33281 | 1 Qualcomm | 16 Sm8450, Sm8450 Firmware, Wcd9380 and 13 more | 2024-04-12 | 7.8 High |
| Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames. | ||||
| CVE-2022-33275 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 515 more | 2024-04-12 | 7.8 High |
| Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. | ||||
| CVE-2022-33256 | 1 Qualcomm | 130 Ar8035, Ar8035 Firmware, Qca6390 and 127 more | 2024-04-12 | 9.8 Critical |
| Memory corruption due to improper validation of array index in Multi-mode call processor. | ||||
| CVE-2023-43535 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2024-04-12 | 7.8 High |
| Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger. | ||||
| CVE-2023-33053 | 1 Qualcomm | 234 Csr8811, Csr8811 Firmware, Immersive Home 214 Platform and 231 more | 2024-04-12 | 7.8 High |
| Memory corruption in Kernel while parsing metadata. | ||||
| CVE-2023-33111 | 2024-04-12 | 5.5 Medium | ||
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. | ||||
| CVE-2023-39235 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->num_time_ticks`. | ||||
| CVE-2023-39234 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->numrealfacs`. | ||||
| CVE-2023-35997 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | 7.8 High |
| Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 2 or more. | ||||
| CVE-2023-35996 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | 7.8 High |
| Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 0. | ||||
| CVE-2023-35995 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | 7.8 High |
| Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 1. | ||||
| CVE-2023-35994 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | 7.8 High |
| Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta initialization part. | ||||
| CVE-2023-51455 | 2024-04-02 | 6.8 Medium | ||
| A Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to corrupt a controlled memory location due to a missing input validation in the on_receive_session_packet_ack function implemented in the libv2_sdk.so library used by the dji_vtwo_sdk binary implementing the service, potentially leading to a memory information leak or to an arbitrary code execution. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620. | ||||
| CVE-2022-35737 | 3 Netapp, Splunk, Sqlite | 3 Ontap Select Deploy Administration Utility, Universal Forwarder, Sqlite | 2024-03-27 | 7.5 High |
| SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. | ||||
| CVE-2024-0901 | 2024-03-26 | 7.5 High | ||
| Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length. | ||||
| CVE-2024-21493 | 2024-03-06 | 5.3 Medium | ||
| All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead to a panic (index out of range). Panics during the parsing of a configuration file may introduce ambiguity and vulnerabilities, hindering the correct interpretation and configuration of the web server. | ||||