Vulnerabilities > Improper Validation of Array Index
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-18 | CVE-2018-11299 | Improper Validation of Array Index vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when WLAN FW has not filled the vdev id correctly in stats events then WLAN host driver tries to access interface array without proper bound check which can lead to invalid memory access and as a side effect kernel panic or page fault. | 7.8 |
| 2018-09-06 | CVE-2018-16648 | Improper Validation of Array Index vulnerability in Artifex Mupdf 1.13.0 In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. | 5.5 |
| 2018-09-06 | CVE-2018-11263 | Improper Validation of Array Index vulnerability in Google Android In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, radio_id is received from the FW and is used to access the buffer to copy the radio stats received for each radio from FW. | 8.8 |
| 2018-07-06 | CVE-2018-5894 | Improper Validation of Array Index vulnerability in Qualcomm products Improper Validation of Array Index in Multimedia While parsing an mp4 file in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur. | 6.5 |
| 2018-07-06 | CVE-2018-5838 | Improper Validation of Array Index vulnerability in Qualcomm products Improper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur in SurfaceFlinger. | 7.8 |
| 2018-07-05 | CVE-2018-13302 | Improper Validation of Array Index vulnerability in multiple products In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or possibly unspecified other impact. | 8.8 |
| 2018-07-05 | CVE-2018-12018 | Improper Validation of Array Index vulnerability in Ethereum GO Ethereum The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. | 7.5 |
| 2018-06-12 | CVE-2018-5851 | Improper Validation of Array Index vulnerability in Google Android Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMPL_IND message with an out-of-range num_msdus value in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-12 | CVE-2018-3576 | Improper Validation of Array Index vulnerability in Google Android improper validation of array index in WiFi driver function sapInterferenceRssiCount() leads to array out-of-bounds access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-12 | CVE-2017-15857 | Improper Validation of Array Index vulnerability in Google Android In the camera driver, an out-of-bounds access can occur due to an error in copying region params from user space in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |