| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in EMI mod for Minecraft, which allows in-game item duplication. |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. |
| JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication. |
| Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in the Roughly Enough Items (REI) mod for Minecraft, which allows in-game item duplication. |
| In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628508; Issue ID: ALPS07628508. |
| Memory corruption due to improper validation of array index in Multi-mode call processor. |
| Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. |
| Memory corruption due to improper validation of array index in Audio. |
| Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. |
| Memory corruption in WLAN HAL while handling command streams through WMI interfaces. |
| Memory corruption in WLAN HAL while handling command through WMI interfaces. |
| In Eclipse ThreadX before version 6.4.0, the _Mtxinit() function in the
Xtensa port was missing an array size check causing a memory overwrite.
The affected file was ports/xtensa/xcc/src/tx_clib_lock.c |
| Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages. |
| An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. |
