ReportizFlow
Filtered by vendor
Subscriptions
Total
437 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-33281 | 1 Qualcomm | 16 Sm8450, Sm8450 Firmware, Wcd9380 and 13 more | 2024-11-21 | 6.7 Medium |
| Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames. | ||||
| CVE-2022-33275 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 515 more | 2024-11-21 | 8.4 High |
| Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. | ||||
| CVE-2022-33274 | 1 Qualcomm | 22 Qam8295p, Qam8295p Firmware, Qca6574au and 19 more | 2024-11-21 | 8.4 High |
| Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication. | ||||
| CVE-2022-33256 | 1 Qualcomm | 130 Ar8035, Ar8035 Firmware, Qca6390 and 127 more | 2024-11-21 | 9.8 Critical |
| Memory corruption due to improper validation of array index in Multi-mode call processor. | ||||
| CVE-2022-31745 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 Medium |
| If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox < 101. | ||||
| CVE-2022-31603 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | 6.4 Medium |
| NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information disclosure. | ||||
| CVE-2022-31135 | 1 Aceattorneyonline | 1 Akashi | 2024-11-21 | 6.5 Medium |
| Akashi is an open source server implementation of the Attorney Online video game based on the Ace Attorney universe. Affected versions of Akashi are subject to a denial of service attack. An attacker can use a specially crafted evidence packet to make an illegal modification, causing a server crash. This can be used to mount a denial-of-service exploit. Users are advised to upgrade. There is no known workaround for this issue. | ||||
| CVE-2022-30763 | 1 Janet-lang | 1 Janet | 2024-11-21 | 7.5 High |
| Janet before 1.22.0 mishandles arrays. | ||||
| CVE-2022-2951 | 1 Altair | 1 Hyperview Player | 2024-11-21 | 7.8 High |
| Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption. | ||||
| CVE-2022-27223 | 3 Debian, Linux, Netapp | 17 Debian Linux, Linux Kernel, Active Iq Unified Manager and 14 more | 2024-11-21 | 8.8 High |
| In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. | ||||
| CVE-2022-26100 | 1 Sap | 1 Sapcar | 2024-11-21 | 9.8 Critical |
| SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system. | ||||
| CVE-2022-25720 | 1 Qualcomm | 370 Apq8009, Apq8009 Firmware, Apq8009w and 367 more | 2024-11-21 | 9.8 Critical |
| Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||||
| CVE-2022-25711 | 1 Qualcomm | 116 Aqt1000, Aqt1000 Firmware, Mdm9150 and 113 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | ||||
| CVE-2022-25695 | 1 Qualcomm | 394 Apq8009, Apq8009 Firmware, Apq8009w and 391 more | 2024-11-21 | 8.4 High |
| Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||||
| CVE-2022-25690 | 1 Qualcomm | 304 Apq8096au, Apq8096au Firmware, Aqt1000 and 301 more | 2024-11-21 | 7.5 High |
| Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | ||||
| CVE-2022-22099 | 1 Qualcomm | 4 Sa8540p, Sa8540p Firmware, Sa9000p and 1 more | 2024-11-21 | 8.4 High |
| Memory corruption in multimedia due to improper validation of array index in Snapdragon Auto | ||||
| CVE-2022-21310 | 2 Netapp, Oracle | 3 Oncommand Insight, Oncommand Workflow Automation, Mysql | 2024-11-21 | 6.3 Medium |
| Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). | ||||
| CVE-2022-1237 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.8 High |
| Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html). | ||||
| CVE-2021-43389 | 4 Debian, Linux, Oracle and 1 more | 6 Debian Linux, Linux Kernel, Communications Cloud Native Core Binding Support Function and 3 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | ||||
| CVE-2021-3121 | 3 Golang, Hashicorp, Redhat | 9 Protobuf, Consul, Acm and 6 more | 2024-11-21 | 8.6 High |
| An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue. | ||||