Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-129

CWE-129

High likelihood

Improper Validation of Array Index

Parent: CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

572 vulnerabilities with CWE-129

CVE-2018-7406 HIGH

Foxit PhantomPDF and Reader < 9.1 - Remote Code Execution via U3D Image Array Indexing

CVE-2018-10120 HIGH

LibreOffice <5.4.6.1-6.0.2.1 - DoS

CVE-2017-18274 HIGH

Qualcomm Mdm9206 Firmware - Improper Array Index Validation

CVE-2017-18309 HIGH

Qualcomm SD 845 and SD 850 Firmware - Arbitrary Memory Read and Write via QMP Transportation Micro-Core

CVE-2017-15857 HIGH

Android - Out-of-Bounds Access in Camera Driver Region Params Copy

CVE-2017-5445 HIGH

Debian Linux < 45.9.0 - Improper Array Index Validation

CVE-2017-15855 HIGH

Qualcomm Android MSM Firefox OS and QRD Android - Kernel Buffer Overflow via Camera CPP Module

CVE-2017-15830 HIGH

Android - Buffer Overflow in sme_set_plm_request

CVE-2017-14889 HIGH

Android - Remote Code Execution via WMI Descriptor Pool Index

CVE-2017-15861 HIGH

Android - Out-of-Bounds Write via Unvalidated vdev_id in wma_roam_synch_event_handler

CVE-2017-16410 HIGH

Adobe Acrobat and Reader <2017.012.20098 - Info Disclosure

CVE-2017-16391 HIGH

Adobe Acrobat and Reader < 11.0.22, 15.0-15.006.30355, 17.0-17.012.20098 - Memory Corruption via Printing Functionality

CVE-2017-8172 MEDIUM

Huawei P10 and P10 Plus Firmware < VKY-AL00C00B157, < VTR-AL00C00B157 - Denial of Service via Isub Service Array Index

CVE-2017-16899 HIGH

Xfig 3.2.6a - Denial of Service or Information Disclosure via Malicious Fig File

CVE-2017-0836 HIGH

Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Remote Code Execution in libhevc

CVE-2017-8251 HIGH

Android < 8.0 - Memory Corruption via Unchecked Array Index in Stream Configuration

CVE-2017-0805 HIGH

Android <7.1.2 - Privilege Escalation

CVE-2017-10663 HIGH

Linux Kernel 3.8-3.18.64 - Local Privilege Escalation via Unvalidated F2FS Checkpoint Arrays

CVE-2017-0737 HIGH

Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 - Elevation of Privilege in Media Framework

CVE-2017-0716 HIGH

Android 6.0 6.0.1 7.0 7.1.1 7.1.2 - Remote Code Execution in libmpeg2

CVE-2017-8797 HIGH

Linux Kernel < 4.11.3 - Denial of Service via NFSv4 pNFS GETDEVICEINFO or LAYOUTGET Operand

CVE-2017-0347 HIGH

NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via DxgkDdiEscape Array Index

CVE-2017-0345 HIGH

NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via DxgDdiEscape Array Index Validation

CVE-2017-7228 HIGH

Xen 4.4.x-4.8.x - Improper Validation of Array Index in XENMEM_exchange

CVE-2017-0322 HIGH

NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via Array Index Validation

Previous Page 22 of 23 Next

Details

Vulnerabilities 572

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy