| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability. |
| IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array. |
| Memory corruption may occur while processing device IO control call for session control. |
| Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. |
| Memory corruption while processing DDI call with invalid buffer. |
| Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host. |
| Out-of-bounds array access issue due to insufficient data verification in the location service module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Improper validation of array index vulnerability in UserPrivilege.Enum webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors. |
| Out-of-bounds access vulnerability in the audio codec module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Memory corruption may occur while validating ports and channels in Audio driver. |
| Memory corruption in Kernel while parsing metadata. |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. |
| Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. |
| Memory corruption while operating the mailbox in Automotive. |
| An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a specific service was accessible to unauthenticated users. |
| NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing a call with crafted parameters. A successful exploit of this vulnerability might lead to data tampering or denial of service. |
| Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in putBitString. |
| C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.
|
| Debug Messages Revealing Unnecessary Information vulnerability in TLA Media GTM Kit allows Retrieve Embedded Sensitive Data. This issue affects GTM Kit: from n/a through 2.3.1. |
| A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index. |
