Vulnerabilities (CVE)

Filtered by CWE-129
Total 368 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-7170 3 Debian, Opensuse, Qemu 3 Debian Linux, Leap, Qemu 2024-02-28 2.1 LOW 4.4 MEDIUM
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command.
CVE-2014-6317 1 Microsoft 9 Windows 7, Windows 8, Windows 8.1 and 6 more 2024-02-28 7.1 HIGH N/A
Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font, aka "Denial of Service in Windows Kernel Mode Driver Vulnerability."
CVE-2011-1169 1 Linux 1 Linux Kernel 2024-02-28 7.2 HIGH N/A
Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer.
CVE-2010-2806 3 Apple, Canonical, Freetype 5 Iphone Os, Mac Os X, Tvos and 2 more 2024-02-28 6.8 MEDIUM N/A
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.
CVE-2009-3080 7 Canonical, Debian, Linux and 4 more 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more 2024-02-28 7.2 HIGH N/A
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
CVE-2007-5756 1 Winpcap 1 Winpcap 2024-02-28 6.9 MEDIUM N/A
Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.
CVE-2005-0369 1 Armagetronad 2 Armagetron, Armagetron Advanced 2024-02-28 5.0 MEDIUM N/A
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claim_id, which exceeds the boundaries of an array.
CVE-2003-0721 1 Washington 1 Pine 2024-02-28 7.5 HIGH N/A
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.