Vulnerabilities > Improper Validation of Array Index
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-26 | CVE-2018-11490 | Improper Validation of Array Index vulnerability in multiple products The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. | 8.8 |
| 2018-05-26 | CVE-2018-11489 | Improper Validation of Array Index vulnerability in multiple products The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. | 8.8 |
| 2018-05-24 | CVE-2018-7406 | Improper Validation of Array Index vulnerability in Foxitsoftware Phantompdf and Reader An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
| 2018-04-18 | CVE-2016-10454 | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425, SD 430, SD 450, and SD 625, in a QTEE API function, an array out-of-bounds index can occur. | 10.0 |
| 2018-04-18 | CVE-2014-9990 | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, lack of input validation could lead to an out of bound array access. | 10.0 |
| 2018-04-18 | CVE-2014-9989 | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, if an incorrect endpoint number or direction is passed, an out of bounds array access may occur in the USB management module. | 10.0 |
| 2018-04-18 | CVE-2014-10048 | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while setting the offsets, time-services allows the user to set bases greater than valid base value which will lead to array index out-of-bound. | 10.0 |
| 2018-04-18 | CVE-2014-10044 | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 617, SD 800, and SD 820, in the time daemon, unauthorized users can potentially modify system time and cause an array index to be out-of-bound. | 5.0 |
| 2018-04-16 | CVE-2018-10120 | Improper Validation of Array Index vulnerability in multiple products The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record. | 7.8 |
| 2018-03-16 | CVE-2017-14889 | Improper Validation of Array Index vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to the lack of a range check on the array index into the WMI descriptor pool, arbitrary address execution may potentially occur in the process mgmt completion handler. | 4.6 |