Total
327 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28004 | 1 Schneider-electric | 2 Powerlogic Hdpm6000, Powerlogic Hdpm6000 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| A CWE-129: Improper validation of an array index vulnerability exists where a specially crafted Ethernet request could result in denial of service or remote code execution. | |||||
| CVE-2022-25711 | 1 Qualcomm | 116 Aqt1000, Aqt1000 Firmware, Mdm9150 and 113 more | 2023-04-19 | N/A | 7.8 HIGH |
| Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2022-25720 | 1 Qualcomm | 370 Apq8009, Apq8009 Firmware, Apq8009w and 367 more | 2023-04-19 | N/A | 9.8 CRITICAL |
| Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35126 | 1 Qualcomm | 52 Qam8295p, Qam8295p Firmware, Qca6391 and 49 more | 2023-04-19 | 7.2 HIGH | 7.8 HIGH |
| Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-25690 | 1 Qualcomm | 304 Apq8096au, Apq8096au Firmware, Aqt1000 and 301 more | 2023-04-19 | N/A | 7.5 HIGH |
| Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2022-25695 | 1 Qualcomm | 394 Apq8009, Apq8009 Firmware, Apq8009w and 391 more | 2023-04-19 | N/A | 7.8 HIGH |
| Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2022-38072 | 2 Admesh Project, Slic3r | 2 Admesh, Libslic3r | 2023-04-09 | N/A | 8.8 HIGH |
| An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2020-20412 | 2 Stepmania, Xiph.org | 2 Stepmania, Libvorbis | 2023-03-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146. | |||||
| CVE-2023-20633 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6735 and 22 more | 2023-03-13 | N/A | 6.7 MEDIUM |
| In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628508; Issue ID: ALPS07628508. | |||||
| CVE-2019-13418 | 1 Search-guard | 1 Search Guard | 2023-03-02 | 5.0 MEDIUM | 7.5 HIGH |
| Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized. | |||||
| CVE-2022-47348 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | |||||
| CVE-2022-47347 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | |||||
| CVE-2022-47346 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | |||||
| CVE-2022-47345 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | |||||
| CVE-2022-47344 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | |||||
| CVE-2022-47343 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | |||||
| CVE-2022-47342 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | |||||
| CVE-2011-1169 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 7.2 HIGH | N/A |
| Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer. | |||||
| CVE-2010-2806 | 3 Apple, Canonical, Freetype | 5 Iphone Os, Mac Os X, Tvos and 2 more | 2023-02-13 | 6.8 MEDIUM | N/A |
| Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. | |||||
| CVE-2009-3080 | 7 Canonical, Debian, Linux and 4 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2023-02-13 | 7.2 HIGH | N/A |
| Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. | |||||