Filtered by CWE-129
Filtered by vendor Subscriptions
Total 437 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-39985 1 Huawei 1 Harmonyos 2024-11-21 7.5 High
The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
CVE-2021-38654 1 Microsoft 2 365 Apps, Office 2024-11-21 7.8 High
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2021-38563 2 Foxit, Foxitsoftware 2 Pdf Reader, Pdf Editor 2024-11-21 9.8 Critical
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It mishandles situations in which an array size (derived from a /Size entry) is smaller than the maximum indirect object number, and thus there is an attempted incorrect array access (leading to a NULL pointer dereference, or out-of-bounds read or write).
CVE-2021-37062 1 Huawei 1 Harmonyos 2024-11-21 9.1 Critical
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage.
CVE-2021-37057 1 Huawei 1 Harmonyos 2024-11-21 7.5 High
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to restart the phone.
CVE-2021-35598 2 Netapp, Oracle 3 Oncommand Insight, Snapcenter, Mysql Cluster 2024-11-21 6.3 Medium
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).
CVE-2021-35594 2 Netapp, Oracle 3 Oncommand Insight, Snapcenter, Mysql Cluster 2024-11-21 6.3 Medium
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).
CVE-2021-35592 2 Netapp, Oracle 3 Oncommand Insight, Snapcenter, Mysql Cluster 2024-11-21 6.3 Medium
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).
CVE-2021-35126 1 Qualcomm 52 Qam8295p, Qam8295p Firmware, Qca6391 and 49 more 2024-11-21 8.4 High
Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2021-35121 1 Qualcomm 88 Apq8053, Apq8053 Firmware, Msm8953 and 85 more 2024-11-21 6.7 Medium
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2021-35072 1 Qualcomm 164 Apq8009, Apq8009 Firmware, Apq8009w and 161 more 2024-11-21 7.8 High
Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2021-35005 1 Teamviewer 1 Teamviewer 2024-11-21 3.3 Low
This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-13818.
CVE-2021-33815 1 Ffmpeg 1 Ffmpeg 2024-11-21 8.8 High
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.
CVE-2021-31658 1 Tp-link 4 Tl-sg2005, Tl-sg2005 Firmware, Tl-sg2008 and 1 more 2024-11-21 8.1 High
TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is affected by an Array index error. The interface that provides the "device description" function only judges the length of the received data, and does not filter special characters. This vulnerability will cause the application to crash, and all device configuration information will be erased.
CVE-2021-30325 1 Qualcomm 318 Apq8096au, Apq8096au Firmware, Ar8031 and 315 more 2024-11-21 6.7 Medium
Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2021-30311 1 Qualcomm 134 Ar8035, Ar8035 Firmware, Qca6390 and 131 more 2024-11-21 7.8 High
Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2021-30282 1 Qualcomm 250 Ar8031, Ar8031 Firmware, Ar8035 and 247 more 2024-11-21 8.4 High
Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2021-30255 1 Qualcomm 376 Apq8009, Apq8009 Firmware, Apq8009w and 373 more 2024-11-21 7.8 High
Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2021-22374 1 Huawei 2 Emui, Magic Ui 2024-11-21 7.5 High
There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks.
CVE-2021-22333 1 Huawei 2 Emui, Magic Ui 2024-11-21 9.8 Critical
There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.