Vulnerabilities > Improper Validation of Array Index

DATE CVE VULNERABILITY TITLE RISK
2025-04-07 CVE-2025-21423 Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.
local
low complexity
CWE-129
7.8
2025-04-07 CVE-2025-21447 Memory corruption may occur while processing device IO control call for session control.
local
low complexity
CWE-129
7.8
2025-03-20 CVE-2025-0313 Improper Validation of Array Index vulnerability in Ollama
A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a GGUF model that can cause a denial of service (DoS) attack.
network
low complexity
ollama CWE-129
7.5
2025-03-03 CVE-2024-49836 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.
local
low complexity
qualcomm CWE-129
7.8
2025-03-03 CVE-2024-53014 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption may occur while validating ports and channels in Audio driver.
local
low complexity
qualcomm CWE-129
7.8
2025-02-27 CVE-2024-57996 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1.
local
low complexity
linux CWE-129
5.5
2025-02-26 CVE-2022-49471 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check mac_id to avoid out-of-bounds Somehow, hardware reports incorrect mac_id and pollute memory.
local
low complexity
linux CWE-129
7.8
2025-02-26 CVE-2022-49478 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index.
local
low complexity
linux CWE-129
7.8
2025-02-26 CVE-2022-49548 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix potential array overflow in bpf_trampoline_get_progs() The cnt value in the 'cnt >= BPF_MAX_TRAMP_PROGS' check does not include BPF_TRAMP_MODIFY_RETURN bpf programs, so the number of the attached BPF_TRAMP_MODIFY_RETURN bpf programs in a trampoline can exceed BPF_MAX_TRAMP_PROGS. When this happens, the assignment '*progs++ = aux->prog' in bpf_trampoline_get_progs() will cause progs array overflow as the progs field in the bpf_tramp_progs struct can only hold at most BPF_MAX_TRAMP_PROGS bpf programs.
local
low complexity
linux CWE-129
7.8
2025-02-26 CVE-2022-49720 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blk_mq_alloc_request_hctx() This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long unsigned int [512]' Call Trace: show_stack+0x52/0x58 dump_stack_lvl+0x49/0x5e dump_stack+0x10/0x12 ubsan_epilogue+0x9/0x3b __ubsan_handle_out_of_bounds.cold+0x44/0x49 blk_mq_alloc_request_hctx+0x304/0x310 __nvme_submit_sync_cmd+0x70/0x200 [nvme_core] nvmf_connect_io_queue+0x23e/0x2a0 [nvme_fabrics] nvme_loop_connect_io_queues+0x8d/0xb0 [nvme_loop] nvme_loop_create_ctrl+0x58e/0x7d0 [nvme_loop] nvmf_create_ctrl+0x1d7/0x4d0 [nvme_fabrics] nvmf_dev_write+0xae/0x111 [nvme_fabrics] vfs_write+0x144/0x560 ksys_write+0xb7/0x140 __x64_sys_write+0x42/0x50 do_syscall_64+0x35/0x80 entry_SYSCALL_64_after_hwframe+0x44/0xae
local
low complexity
linux CWE-129
7.8