Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-129
Total 265 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-28632 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->incident_sface().
CVE-2020-28629 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->sprev().
CVE-2020-28626 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->incident_volume().
CVE-2020-28628 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() seh->twin().
CVE-2020-28625 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SLoop_of.
CVE-2020-28627 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() ch->shell_entry_objects().
CVE-2020-28624 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SEdge_of.
CVE-2020-28623 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->twin().
CVE-2020-28621 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->out_sedge().
CVE-2020-28622 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->incident_sface().
CVE-2020-28620 2 Cgal, Debian 2 Computational Geometry Algorithms Library, Debian Linux 2023-01-09 6.8 MEDIUM 8.8 HIGH
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->center_vertex():.
CVE-2022-42255 5 Citrix, Linux, Nvidia and 2 more 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more 2023-01-06 N/A 7.8 HIGH
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.
CVE-2022-31745 1 Mozilla 1 Firefox 2023-01-04 N/A 4.3 MEDIUM
If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox < 101.
CVE-2022-4603 1 Samba 1 Ppp 2022-12-22 N/A 8.8 HIGH
** DISPUTED ** A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario.
CVE-2022-2951 1 Altair 1 Hyperview Player 2022-12-19 N/A 7.8 HIGH
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption.
CVE-2022-25711 1 Qualcomm 116 Aqt1000, Aqt1000 Firmware, Mdm9150 and 113 more 2022-12-15 N/A 7.8 HIGH
Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2022-25695 1 Qualcomm 394 Apq8009, Apq8009 Firmware, Apq8009w and 391 more 2022-12-15 N/A 7.8 HIGH
Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2016-9053 1 Aerospike 1 Database Server 2022-12-13 7.5 HIGH 9.8 CRITICAL
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerability.
CVE-2022-46152 1 Op-tee 1 Op-tee Os 2022-12-02 N/A 8.8 HIGH
OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function `cleanup_shm_refs()` is called by both `entry_invoke_command()` and `entry_open_session()`. The commands `OPTEE_MSG_CMD_OPEN_SESSION` and `OPTEE_MSG_CMD_INVOKE_COMMAND` can be executed from the normal world via an OP-TEE SMC. This function is not validating the `num_params` argument, which is only limited to `OPTEE_MSG_MAX_NUM_PARAMS` (127) in the function `get_cmd_buffer()`. Therefore, an attacker in the normal world can craft an SMC call that will cause out-of-bounds reading in `cleanup_shm_refs` and potentially freeing of fake-objects in the function `mobj_put()`. A normal-world attacker with permission to execute SMC instructions may exploit this flaw. Maintainers believe this problem permits local privilege escalation from the normal world to the secure world. Version 3.19.0 contains a fix for this issue. There are no known workarounds.
CVE-2022-35737 2 Netapp, Sqlite 2 Ontap Select Deploy Administration Utility, Sqlite 2022-11-16 N/A 7.5 HIGH
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.