Vulnerabilities > Improper Validation of Array Index

DATE CVE VULNERABILITY TITLE RISK
2016-12-16 CVE-2016-8815 Improper Validation of Array Index vulnerability in Nvidia GPU Driver
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the index to an array, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-129
7.8
2016-12-10 CVE-2016-7170 Improper Validation of Array Index vulnerability in multiple products
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command.
local
low complexity
qemu debian opensuse CWE-129
4.4