CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.
40 vulnerabilities with CWE-1285
CVE-2026-20440
MEDIUM
MAE - Privilege Escalation
CVSS 6.7
CVE-2026-20413
MEDIUM
imgsys - Privilege Escalation
CVSS 6.7
CVE-2025-20796
HIGH
Google Android - Out-of-Bounds Access
CVSS 7.8
CVE-2025-48511
MEDIUM
AMD uprof - Memory Corruption
CVSS 5.5
CVE-2025-48502
MEDIUM
AMD uprof - Memory Corruption
CVSS 5.5
CVE-2025-55086
CRITICAL
NetXDuo <6.4.4 - Memory Corruption
CVSS 9.8
CVE-2025-55087
HIGH
NextX Duo <6.4.4 - Memory Corruption
CVSS 7.5
CVE-2025-8291
MEDIUM
Zipfile - Buffer Overflow
CVSS 4.3
CVE-2024-36342
HIGH
GPU Driver < unknown - Buffer Overflow
CVSS 8.8
CVE-2025-9189
HIGH
Digilent DASYLab - RCE
CVSS 7.8
CVE-2025-57778
HIGH
NI Dasylab - Out-of-Bounds Write
CVSS 7.8
CVE-2025-57777
HIGH
NI Dasylab - Out-of-Bounds Write
CVSS 7.8
CVE-2025-57776
HIGH
NI Dasylab - Out-of-Bounds Write
CVSS 7.8
CVE-2025-57775
HIGH
NI Dasylab - Out-of-Bounds Write
CVSS 7.8
CVE-2025-57774
HIGH
NI Dasylab - Out-of-Bounds Write
CVSS 7.8
CVE-2025-7849
HIGH
NI LabVIEW <2025 Q1 - Memory Corruption
CVSS 7.8
CVE-2025-7848
HIGH
NI LabVIEW <2025 Q1 - Memory Corruption
CVSS 7.8
CVE-2025-2634
HIGH
NI LabVIEW <2025 Q1 - RCE/Info Disclosure
CVSS 7.8
CVE-2025-2633
HIGH
NI LabVIEW <2025 Q1 - Code Injection
CVSS 7.8
CVE-2025-3755
CRITICAL
Mitsubishi Electric Corporation MELSEC iQ-F Series - DoS
CVSS 9.1
CVE-2025-3357
CRITICAL
IBM Tivoli Monitoring <6.3.0.7-SP19 - RCE
CVSS 9.8
CVE-2024-10496
HIGH
NI Labview < 2021 - Out-of-Bounds Access
CVSS 7.8
CVE-2024-10495
HIGH
NI Labview < 2021 - Out-of-Bounds Access
CVSS 7.8
CVE-2024-10494
HIGH
NI Labview < 2021 - Out-of-Bounds Access
CVSS 7.8
CVE-2024-51566
MEDIUM
NVMe Driver - Use After Free
CVSS 6.5
Details
Vulnerabilities
40