CVE-2023-31306
Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability.
CVE-2025-38697
In the Linux kernel, the following vulnerability has been resolved:
jfs: upper bound check of tree index in dbAllocAG
When computing the tree index in dbAllocAG, we never check if we are
out of bounds realative to the size of the stree.
T…
CVE-2025-27075
Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host.
CVE-2025-27067
Memory corruption while processing DDI call with invalid buffer.
CVE-2025-54650
Improper array index verification vulnerability in the audio codec module.
Impact: Successful exploitation of this vulnerability may affect the audio decoding function.
CVE-2025-54645
Out-of-bounds array access issue due to insufficient data verification in the location service module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54610
Out-of-bounds access vulnerability in the audio codec module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-23278
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing a call with crafted parameters. A successful exploit of this vulnerability might lead to data tamperi…
CVE-2025-38367
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: KVM: Avoid overflow with array index
The variable index is modified and reused as array index when modify
register EIOINTC_ENABLE. There will be array index ov…
CVE-2025-38239
In the Linux kernel, the following vulnerability has been resolved:
scsi: megaraid_sas: Fix invalid node index
On a system with DRAM interleave enabled, out-of-bound access is
detected:
megaraid_sas 0000:3f:00.0: requested/available msix…
CVE-2024-53009
Memory corruption while operating the mailbox in Automotive.
CVE-2025-38198
In the Linux kernel, the following vulnerability has been resolved:
fbcon: Make sure modelist not set on unregistered console
It looks like attempting to write to the "store_modes" sysfs node will
run afoul of unregistered consoles:
UBSA…
CVE-2025-38146
In the Linux kernel, the following vulnerability has been resolved:
net: openvswitch: Fix the dead loop of MPLS parse
The unexpected MPLS packet may not end with the bottom label stack.
When there are many stacks, The label count value ha…
CVE-2024-35164
The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted seque…
CVE-2022-50066
In the Linux kernel, the following vulnerability has been resolved:
net: atlantic: fix aq_vec index out of range error
The final update statement of the for loop exceeds the array range, the
dereference of self->aq_vec[i] is not checked a…
CVE-2025-38013
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request
Make sure that n_channels is set after allocating the
struct cfg80211_registered_device::int_…
CVE-2025-48075
Fiber is an Express-inspired web framework written in Go. Starting in version 2.52.6 and prior to version 2.52.7, `fiber.Ctx.BodyParser` can map flat data to nested slices using `key[idx]value` syntax, but when idx is negative, it causes a…
CVE-2025-1975
A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when…
CVE-2024-45578
Memory corruption while acquire and update IOCTLs during IFE output resource ID validation.
CVE-2024-45576
Memory corruption while prociesing command buffer buffer in OPE module.