CWE-129

High likelihood

Improper Validation of Array Index

Parent: CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

572 vulnerabilities with CWE-129
CVE-2021-46984 HIGH
Linux Kernel 4.18-5.4.120 - Out-of-Bounds Array Access in Kyber Scheduler
CVSS 7.8
CVE-2021-35126 HIGH
Qualcomm Firmware - Memory Corruption in DSP Service via Improper Input Validation
CVSS 8.4
CVE-2021-35121 MEDIUM
Qualcomm Snapdragon Compute/Connectivity/Industrial IOT/Mobile - Use-After-Free in Synx Driver
CVSS 6.7
CVE-2021-35072 HIGH
Qualcomm APQ8009 and related firmwares - Buffer Overflow via DIAG Command Array Index
CVSS 7.8
CVE-2021-21949 HIGH
Accusoft ImageGear - Out-of-Bounds Write via JPEG-JFIF Scan Header Parser
CVSS 8.8
CVE-2021-21947 HIGH
Accusoft ImageGear 19.10 - Heap-Based Buffer Overflow in JPEG-JFIF Lossless Huffman Parser
CVSS 8.8
CVE-2021-30325 MEDIUM
Qualcomm Firmware - Out-of-Bounds Memory Access in DCI Resource Allocation
CVSS 6.7
CVE-2021-35005 LOW
TeamViewer < 15.18.5.0 - Out-of-bounds Read in TeamViewer Service
CVSS 3.3
CVE-2021-30311 HIGH
Qualcomm AR8035 and Multiple Firmware - Heap Overflow via Improper Array Index Validation
CVSS 7.8
CVE-2021-39985 HIGH
HarmonyOS < 2.0 - Denial of Service in HwNearbyMain Module
CVSS 7.5
CVE-2021-30282 HIGH
Qualcomm AR8031 Firmware - Out-of-Bounds Write in RAM Partition Table
CVSS 8.4
CVE-2021-37062 CRITICAL
HarmonyOS < 2.0 - Memory Overflow and Information Leak via Improper Array Index Validation
CVSS 9.1
CVE-2021-37057 HIGH
HarmonyOS < 2.0 - Denial of Service via Array Index Validation
CVSS 7.5
CVE-2021-30255 HIGH
Qualcomm APQ8009 Firmware - Buffer Overflow via PDM DIAG Command in FTM
CVSS 7.8
CVE-2021-1117 MEDIUM
NVIDIA GPU Display Driver 390-392.68 - Denial of Service via DxgkDdiEscape Handler
CVSS 4.7
CVE-2021-35598 MEDIUM
Oracle MySQL <7.4.33, 7.5.23, 7.6.19, 8.0.26 - Privilege Escalation
CVSS 6.3
CVE-2021-35594 MEDIUM
Oracle MySQL <7.4.33, 7.5.23, 7.6.19, 8.0.26 - Privilege Escalation
CVSS 6.3
CVE-2021-35592 MEDIUM
Oracle MySQL <7.5.23, 7.6.19, 8.0.26 - Privilege Escalation
CVSS 6.3
CVE-2021-38654 HIGH
Microsoft 365 Apps and Office - Remote Code Execution via Improper Array Index Validation
CVSS 7.8
CVE-2021-1933 CRITICAL
Qualcomm APQ8017 Firmware - Denial of Service via Improper Validation of SDP Invite Message
CVSS 9.8
CVE-2021-38563 CRITICAL
Foxit PDF Reader <11.0.1 - Memory Corruption
CVSS 9.8
CVE-2021-22374 HIGH
Huawei Smartphone - Info Disclosure
CVSS 7.5
CVE-2021-21833 CRITICAL
Accusoft ImageGear 19.9 - Out-of-Bounds Write via TIF IP_planar_raster_unpack
CVSS 9.8
CVE-2021-31658 HIGH
TP-Link TL-SG2005/TL-SG2008 Firmware 1.0.0 DoS via Device Description
CVSS 8.1
CVE-2021-22333 CRITICAL
Huawei EMUI and Magic UI - Remote Code Execution via Array Index Validation Issue
CVSS 9.8
Details
Vulnerabilities 572
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits