Vulnerabilities > Improper Validation of Array Index

DATE CVE VULNERABILITY TITLE RISK
2017-08-09 CVE-2017-0737 Improper Validation of Array Index vulnerability in Google Android
A elevation of privilege vulnerability in the Android media framework (libstagefright).
local
low complexity
google CWE-129
7.8
2017-08-09 CVE-2017-0716 Improper Validation of Array Index vulnerability in Google Android
A remote code execution vulnerability in the Android media framework (libmpeg2).
local
low complexity
google CWE-129
7.8
2017-07-02 CVE-2017-8797 Improper Validation of Array Index vulnerability in Linux Kernel
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker.
network
low complexity
linux CWE-129
7.5
2017-06-06 CVE-2014-9948 Improper Validation of Array Index vulnerability in Google Android
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist.
local
low complexity
google CWE-129
7.8
2017-05-09 CVE-2017-0347 Improper Validation of Array Index vulnerability in Nvidia GPU Driver
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array, which may lead to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-129
7.8
2017-05-09 CVE-2017-0345 Improper Validation of Array Index vulnerability in Nvidia GPU Driver
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input used as an array size is not correctly validated allows out of bound access in kernel memory and may lead to denial of service or potential escalation of privileges
local
low complexity
nvidia CWE-129
7.8
2017-04-04 CVE-2017-7228 Improper Validation of Array Index vulnerability in XEN
An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x.
local
low complexity
xen CWE-129
8.2
2017-02-21 CVE-2016-9053 Improper Validation of Array Index vulnerability in Aerospike Database Server 3.10.0.3
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3.
network
low complexity
aerospike CWE-129
critical
9.8
2017-02-15 CVE-2017-0322 Improper Validation of Array Index vulnerability in Nvidia GPU Driver
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a value passed from a user to the driver is not correctly validated and used as the index to an array, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-129
7.8
2016-12-16 CVE-2016-8816 Improper Validation of Array Index vulnerability in Nvidia GPU Driver
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the index to an array, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-129
7.8