Filtered by CWE-129
Filtered by vendor Subscriptions
Total 436 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-1998 2 Redhat, X.org 2 Enterprise Linux, Libxi 2024-11-21 N/A
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.
CVE-2013-1997 2 Redhat, X 2 Enterprise Linux, Libx11 2024-11-21 N/A
Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.
CVE-2013-1763 2 Linux, Redhat 2 Linux Kernel, Enterprise Mrg 2024-11-21 N/A
Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.
CVE-2013-1593 1 Sap 1 Netweaver 2024-11-21 7.5 High
A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN.
CVE-2011-1169 1 Linux 1 Linux Kernel 2024-11-21 N/A
Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer.
CVE-2010-3069 3 Canonical, Redhat, Samba 4 Ubuntu Linux, Enterprise Linux, Rhel Eus and 1 more 2024-11-21 N/A
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
CVE-2010-2806 4 Apple, Canonical, Freetype and 1 more 6 Iphone Os, Mac Os X, Tvos and 3 more 2024-11-21 N/A
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.
CVE-2009-3080 7 Canonical, Debian, Linux and 4 more 16 Ubuntu Linux, Debian Linux, Linux Kernel and 13 more 2024-11-21 N/A
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
CVE-2007-5756 1 Winpcap 1 Winpcap 2024-11-21 N/A
Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.
CVE-2005-0369 1 Armagetronad 2 Armagetron, Armagetron Advanced 2024-11-21 N/A
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claim_id, which exceeds the boundaries of an array.
CVE-2003-0721 2 Redhat, Washington 3 Enterprise Linux, Linux, Pine 2024-11-21 N/A
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.
CVE-2024-33032 1 Qualcomm 140 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 137 more 2024-11-08 6.7 Medium
Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.
CVE-2024-51517 1 Huawei 1 Harmonyos 2024-11-07 5.1 Medium
Vulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-42698 1 Shedaniel 1 Roughlyenoughitems 2024-09-19 4.3 Medium
Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in the Roughly Enough Items (REI) mod for Minecraft, which allows in-game item duplication.
CVE-2024-41565 1 Mezz 1 Justenoughitems 2024-09-19 4.3 Medium
JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication.
CVE-2024-41564 1 Emilyploszaj 1 Emi 2024-09-19 4.3 Medium
EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in EMI mod for Minecraft, which allows in-game item duplication.