CWE-129: Improper Validation of Array Index
532 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-129 (page 4 of 11)
- CVE-2020-28616 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28617 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28618 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28619 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28620 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28621 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28622 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28623 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28624 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28625 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28626 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28627 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28628 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28629 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28630 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28631 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28632 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28633 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28634 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28635 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-28636 | CRITICAL | CVSS 9.8 | EG 9.8 | 2021-03-04
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin(). An attacker can provide malicious…
- CVE-2020-28851 | HIGH | CVSS 7.5 | EG 7.5 | 2021-01-02
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
- CVE-2020-28852 | HIGH | CVSS 7.5 | EG 7.5 | 2021-01-02
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
- CVE-2020-29242 | MEDIUM | CVSS 6.5 | EG 6.5 | 2020-12-28
dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readPICFrame.
- CVE-2020-29243 | MEDIUM | CVSS 6.5 | EG 6.5 | 2020-12-28
dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readAPICFrame.
- CVE-2020-29244 | MEDIUM | CVSS 6.5 | EG 6.5 | 2020-12-28
dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readTextWithDescrFrame.
- CVE-2020-29245 | MEDIUM | CVSS 6.5 | EG 6.5 | 2020-12-28
dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readAtomData.
- CVE-2020-35628 | CRITICAL | CVSS 9.8 | EG 9.8 | 2021-03-04
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide …
- CVE-2020-35629 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-35630 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-35631 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-35632 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-18
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution…
- CVE-2020-35633 | HIGH | CVSS 8.8 | EG 8.8 | 2021-08-30
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() store_sm_boundary_item() Edge_of. A specia…
- CVE-2020-35634 | HIGH | CVSS 8.8 | EG 8.8 | 2021-08-30
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Sloop_of. A s…
- CVE-2020-35635 | HIGH | CVSS 8.8 | EG 8.8 | 2021-08-30
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB read. A specially crafted malformed file …
- CVE-2020-35636 | CRITICAL | CVSS 9.8 | EG 9.8 | 2021-03-04
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially crafted malformed file can lead to an out-o…
- CVE-2020-36067 | HIGH | CVSS 7.5 | EG 7.5 | 2021-01-05
GJSON <=v1.6.5 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call.
- CVE-2020-3630 | HIGH | CVSS 7.8 | EG 7.8 | 2020-06-02
Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice …
- CVE-2020-3632 | HIGH | CVSS 7.8 | EG 7.8 | 2020-11-12
Incorrect validation of ring context fetched from host memory can lead to memory overflow in Snapdragon Compute, Snapdragon Mobile in QSM8350, SC7180, SDX55, SDX55M, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8…
- CVE-2020-3633 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-06-02
Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mob…
- CVE-2020-3639 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-11-12
When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap…
- CVE-2020-3654 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-11-02
Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I…
- CVE-2020-3660 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-06-22
Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Sn…
- CVE-2020-3665 | HIGH | CVSS 7.8 | EG 7.8 | 2020-06-22
A possible buffer overflow would occur while processing command from firmware due to the group_id obtained from the firmware being out of range in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronic…
- CVE-2020-3673 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-11-02
Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT…
- CVE-2020-3676 | HIGH | CVSS 7.8 | EG 7.8 | 2020-06-22
Possible memory corruption in perfservice due to improper validation of array length taken from user application in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM891…
- CVE-2020-36776 | MEDIUM | CVSS 5.5 | EG 5.5 | 2024-02-27
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/cpufreq_cooling: Fix slab OOB issue. Slab OOB issue is scanned by KASAN in cpu_power_to_freq(). If power is limited below the power of OPP0 in EM table, i…
- CVE-2020-5319 | HIGH | CVSS 7.5 | EG 7.5 | 2020-02-06
Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthentica…
- CVE-2020-5959 | MEDIUM | CVSS 5.5 | EG 5.5 | 2020-03-12
NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin in which an input index value is incorrectly validated which may lead to denial of service.
- CVE-2020-8875 | HIGH | CVSS 8.8 | EG 8.8 | 2020-03-23
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…