CWE-118
Incorrect Access of Indexable Resource ('Range Error')
Description
The product does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-14 · CAPEC-24 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-10495 | Cri | 0.64 | 9.8 | 0.01 | Apr 18, 2018 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, made changes to map the scan type value to an index value that is in range. | ||
| CVE-2015-9142 | Cri | 0.64 | 9.8 | 0.01 | Apr 18, 2018 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9645, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SDM630, SDM636,… | ||
| CVE-2015-2004 | Cri | 0.64 | 9.8 | 0.02 | Mar 29, 2018 | The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | ||
| CVE-2015-2003 | Cri | 0.64 | 9.8 | 0.02 | Mar 29, 2018 | The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | ||
| CVE-2015-2002 | Cri | 0.64 | 9.8 | 0.02 | Mar 29, 2018 | The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | ||
| CVE-2015-2001 | Cri | 0.64 | 9.8 | 0.02 | Mar 29, 2018 | The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | ||
| CVE-2015-2000 | Cri | 0.64 | 9.8 | 0.02 | Mar 29, 2018 | The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | ||
| CVE-2014-9411 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection. | ||
| CVE-2018-7530 | Hig | 0.51 | 7.8 | 0.00 | Apr 17, 2018 | Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator… | ||
| CVE-2017-5884 | Hig | 0.51 | 7.8 | 0.02 | Feb 28, 2017 | gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile. | ||
| CVE-2017-10872 | Med | 0.42 | 6.5 | 0.02 | Dec 22, 2017 | H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors. | ||
| CVE-2017-0302 | Med | 0.35 | 5.3 | 0.01 | May 9, 2017 | In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters. | ||
| CVE-2022-38072 | 0.00 | — | 0.01 | Apr 3, 2023 | An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this… |
- risk 0.64cvss 9.8epss 0.01
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, made changes to map the scan type value to an index value that is in range.
- risk 0.64cvss 9.8epss 0.01
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9645, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SDM630, SDM636,…
- risk 0.64cvss 9.8epss 0.02
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
- risk 0.64cvss 9.8epss 0.02
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
- risk 0.64cvss 9.8epss 0.02
The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
- risk 0.64cvss 9.8epss 0.02
The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
- risk 0.64cvss 9.8epss 0.02
The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection.
- risk 0.51cvss 7.8epss 0.00
Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator…
- risk 0.51cvss 7.8epss 0.02
gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.
- risk 0.42cvss 6.5epss 0.02
H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors.
- risk 0.35cvss 5.3epss 0.01
In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.
- CVE-2022-38072Apr 3, 2023risk 0.00cvss —epss 0.01
An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this…