Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-129

CWE-129

High likelihood

Improper Validation of Array Index

Parent: CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

572 vulnerabilities with CWE-129

CVE-2025-54610 MEDIUM

HarmonyOS - Denial of Service via Audio Codec Module Out-of-Bounds Access

CVE-2025-23278 HIGH

NVIDIA Display Driver - Buffer Overflow

CVE-2025-38367 HIGH

Linux Kernel 6.13-6.15.5 - Out-of-Bounds Write via LoongArch KVM EIOINTC_ENABLE Register Handling

CVE-2025-38239 HIGH

Linux Kernel 5.17-6.1.142, 6.2-6.6.95, 6.7-6.12.35, 6.13-6.15.4 - Out-of-Bounds Access in megaraid_sas

CVE-2025-38198 HIGH

Linux Kernel - Out-of-Bounds Array Index in fbcon_info_from_console via store_modes sysfs Node

CVE-2025-38146 HIGH

Linux kernel - Array Index Out-of-Bounds

CVE-2025-38013 HIGH

Linux kernel - Array Index Out-of-Bounds

CVE-2025-5868 HIGH

RT-Thread 5.1.0 - Improper Restriction of Operations within the Bounds of a Memory Buffer in sys_thread_sigprocmask

CVE-2025-5866 HIGH

RT-Thread 5.1.0 - Improper Restriction of Operations within the Bounds of a Memory Buffer in sys_sigprocmask

CVE-2025-3357 CRITICAL

IBM Tivoli Monitoring <6.3.0.7-SP19 - RCE

CVE-2025-48075 HIGH

Fiber 2.52.6 - Denial of Service via Negative Array Index in BodyParser

CVE-2025-1975 HIGH

Ollama 0.5.11 - Denial of Service via Manifest Spoofing in /api/pull Endpoint

CVE-2025-37752 HIGH

Linux Kernel - Array Index Out-of-Bounds in SFQ Scheduler Configuration

CVE-2025-40114 HIGH

Linux Kernel - Out-of-Bounds Read in veml6075_read_int_time_ms

CVE-2025-40014 HIGH

Linux Kernel 6.14-6.14.2 - Out-of-Bounds Array Access in amd_set_spi_freq

CVE-2025-39728 MEDIUM

Linux Kernel 5.5-6.14.2 - Out-of-Bounds Array Indexing in Samsung Clock Initialization

CVE-2025-22067 HIGH

Linux Kernel 6.12-6.12.22, 6.13-6.13.10, 6.14-6.14.1 - Out-of-Bounds Array Access in cdns_mrvl_xspi_setup_clock

CVE-2025-21447 HIGH

Qualcomm FastConnect 6900/7800, SC8380XP, WCD9380/9385, WSA8840/8845/8845H Firmware Memory Corruption

CVE-2025-21423 HIGH

Qualcomm AQT1000 and FastConnect Firmware - Memory Corruption via EnableTestMode Escape Call

CVE-2025-21991 HIGH

Linux Kernel - Out-of-Bounds Memory Access in AMD Microcode Loading

CVE-2025-30077 MEDIUM

onos-lib-go 0.10.28 - Denial of Service via Zero numBits in ASN.1 Aper GetBitString

CVE-2025-21692 HIGH

Linux kernel - Privilege Escalation

CVE-2025-21680 HIGH

Linux Kernel 5.15-6.12.10 - Out-of-Bounds Array Access in pktgen get_imix_entries

CVE-2024-21970 MEDIUM

AMD Ryzen Threadripper 3000/5000 and Athlon 3000 Series Processors - Memory Corruption via AGESA Array Index Validation

CVE-2024-53009 MEDIUM

Qualcomm AQT1000 Firmware - Memory Corruption via Mailbox Operation

Previous Page 4 of 23 Next

Details

Vulnerabilities 572

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy