CWE-129

High likelihood

Improper Validation of Array Index

Parent: CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

572 vulnerabilities with CWE-129
CVE-2016-10454 CRITICAL
Qualcomm SD 425, SD 430, SD 450, and SD 625 Firmware - Out-of-Bounds Array Index in QTEE API
CVSS 9.8
CVE-2016-10386 CRITICAL
Google Android - Improper Array Index Validation
CVSS 9.8
CVE-2016-9053 CRITICAL
Aerospike Database Server <3.10.0.3 - RCE
CVSS 9.8
CVE-2016-8816 HIGH
NVIDIA Windows GPU Display Driver - Privilege Escalation
CVSS 7.8
CVE-2016-8815 HIGH
NVIDIA Windows GPU Display Driver - Privilege Escalation
CVSS 7.8
CVE-2016-7170 MEDIUM
QEMU < 2.7.1 - Denial of Service via vmsvga_fifo_run DEFINE_CURSOR Command
CVSS 4.4
CVE-2015-8366 CRITICAL
LibRaw < 0.17.1 - Memory Corruption via smal_decode_segment Array Index Error
CVSS 9.8
CVE-2015-8316 MEDIUM
LightDM 1.14.3 and 1.16.x < 1.16.6 - Denial of Service via XDMCP Request Packet
CVSS 5.9
CVE-2014-9990 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Out-of-Bounds Array Access via Improper Index Validation
CVSS 9.8
CVE-2014-9989 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Out-of-Bounds Array Access in USB Management Module
CVSS 9.8
CVE-2014-10048 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Array Index Out-of-Bounds Write in Time-Services Offset Handling
CVSS 9.8
CVE-2014-10044 HIGH
Qualcomm Mdm9615 Firmware - Improper Array Index Validation
CVSS 7.5
CVE-2014-4616 MEDIUM
Python 2.7.0-2.7.6 and simplejson < 2.6.1 - Memory Read via Negative Array Index in _json raw_decode
CVSS 5.9
CVE-2014-9948 HIGH
Android TrustZone - Improper Validation of Array Index
CVSS 7.8
CVE-2014-6317
Windows Kernel-Mode Drivers - Denial of Service via Crafted TrueType Font
CVE-2013-1593 HIGH
SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, 7.30 SP04 - Denial of Service via WRITE_C Function in msg_server.exe
CVSS 7.5
CVE-2011-1169
Linux Kernel < 2.6.38.1 - Memory Corruption or Privilege Escalation via AudioScience HPI Driver Adapter Index
CVE-2010-2806
FreeType < 2.4.2 - Heap-Based Buffer Overflow via Negative Size Values in FontType42 Font Files
CVE-2009-3080
Linux Kernel < 2.6.32-rc8 - Local Privilege Escalation via Negative Event Index in gdth_read_event
CVE-2007-5756
WinPcap < 4.0.2 - Local Privilege Escalation via Crafted IOCTL Requests
CVE-2005-0369 MEDIUM
Armagetron < 0.2.6.0 and Armagetron Advanced < 0.2.7.0 - Denial of Service via Large Descriptor ID or Claim ID
CVSS 5.3
CVE-2003-0721
Pine < 4.58 - Remote Code Execution via Negative Array Index in rfc2231_get_param