Vulnerabilities > Improper Validation of Array Index
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-16 | CVE-2018-10120 | Improper Validation of Array Index vulnerability in multiple products The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record. | 7.8 |
| 2018-03-16 | CVE-2017-15830 | Improper Validation of Array Index vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper ch_list array index initialization in function sme_set_plm_request() causes potential buffer overflow. | 7.8 |
| 2018-03-16 | CVE-2017-14889 | Improper Validation of Array Index vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to the lack of a range check on the array index into the WMI descriptor pool, arbitrary address execution may potentially occur in the process mgmt completion handler. | 7.8 |
| 2018-02-23 | CVE-2017-15861 | Improper Validation of Array Index vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation. | 7.8 |
| 2017-12-09 | CVE-2017-16410 | Improper Validation of Array Index vulnerability in Adobe products An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. | 8.8 |
| 2017-12-09 | CVE-2017-16391 | Improper Validation of Array Index vulnerability in Adobe products An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. | 8.8 |
| 2017-11-22 | CVE-2017-8172 | Improper Validation of Array Index vulnerability in Huawei P10 Firmware and P10 Plus Firmware Isub service in P10 Plus and P10 smart phones with earlier than VKY-AL00C00B157 versions and earlier than VTR-AL00C00B157 versions has a denial of service (DoS) vulnerability. | 5.5 |
| 2017-11-20 | CVE-2017-16899 | Improper Validation of Array Index vulnerability in multiple products An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c. | 7.1 |
| 2017-11-16 | CVE-2017-0836 | Improper Validation of Array Index vulnerability in Google Android A remote code execution vulnerability in the Android media framework (libhevc). | 7.8 |
| 2017-09-21 | CVE-2017-8251 | Improper Validation of Array Index vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in functions msm_isp_check_stream_cfg_cmd & msm_isp_stats_update_cgc_override, 'stream_cfg_cmd->num_streams' is not checked, and could overflow the array stream_cfg_cmd->stream_handle. | 7.8 |