CVEbaza.plSłownik CWECWE-1285
Common Weakness Enumeration

CWE-1285

Improper Validation of Specified Index, Position, or Offset in Input

Kategoria: BaseCVE: 57
Opis

Produkt otrzymuje dane wejściowe, które mają określać indeks, pozycję lub przesunięcie do zasobu indeksowanego takiego jak bufor czy plik, ale nie weryfikuje lub nieprawidłowo weryfikuje, czy określony indeks/pozycja/przesunięcie ma wymagane właściwości. Brak lub niewystarczająca walidacja może prowadzić do dostępu poza granicami zasobu lub innych zagrożeń bezpieczeństwa.

Description (EN)

The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.

Podatności CVE z CWE-1285 (57)
9.8
CVSS
CRITICAL
CVE-2025-67268

Podatność heap-based out-of-bounds write (CWE-122) w projekcie gpsd umożliwia atakującemu zdalne wykonanie kodu (RCE) lub wywołanie awarii usługi (DoS) poprzez spreparowane pakiety NMEA2000. Błąd dotyczy wersji gpsd sprzed commitu dc966aa i otrzymał ocenę CVSS 9.8 (CRITICAL).

pub. 2026-01-02
9.8
CVSS
CRITICAL
CVE-2025-3357

Podatność w IBM Tivoli Monitoring umożliwia zdalnemu, nieuwierzytelnionemu atakującemu wykonanie dowolnego kodu na podatnym systemie. Wysoki wynik CVSS 9.8 i brak wymagań wstępnych po stronie atakującego czynią tę lukę szczególnie niebezpieczną.

pub. 2025-05-28
9.1
CVSS
CRITICAL
CVE-2026-33557

W Apache Kafka domyślna klasa walidatora JWT (`DefaultJwtValidator`) akceptuje tokeny JWT bez weryfikacji podpisu, wystawcy ani odbiorcy. Atakujący może wygenerować dowolny token JWT i podszyć się pod dowolnego użytkownika brokera, co stanowi krytyczne zagrożenie dla bezpieczeństwa autoryzacji.

pub. 2026-04-20
9.1
CVSS
CRITICAL
CVE-2025-3755

Podatność w modułach CPU serii MELSEC iQ-F firmy Mitsubishi Electric umożliwia nieuwierzytelnionemu atakującemu zdalnie odczytanie informacji z urządzenia oraz wywołanie stanu Denial-of-Service (DoS). W najgorszym scenariuszu możliwe jest całkowite zatrzymanie pracy modułu CPU, wymagające fizycznego resetu urządzenia do przywrócenia działania.

pub. 2025-05-29
8.9
CVSS
HIGH
CVE-2026-12681

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Google go-attestation. parseEfiSignatureList() does not advance the buffer past vendor bytes before reading entries. For hashSHA256SigGUID lists, this allows attacker-controlled vendor header bytes to be appended to the trusted SHA256 hash list. A crafted TPM event log could inject arbitrary SHA256 hashes into the verifier's trusted measurement database, enabling a remote attestation verifier to accept a compromised boot state. This issue affects go-attestation: through 0.6.0.

pub. 2026-06-24
8.8
CVSS
HIGH
CVE-2026-2006

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

pub. 2026-02-12
8.8
CVSS
HIGH
CVE-2024-36342

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.

pub. 2025-09-06
8.6
CVSS
HIGH
CVE-2023-46724

Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.

pub. 2023-11-01
8.5
CVSS
HIGH
CVE-2025-57774

There is an out of bounds write vulnerability due to improper bounds checking resulting in invalid data when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.

pub. 2025-09-02
8.5
CVSS
HIGH
CVE-2025-57775

There is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.

pub. 2025-09-02
8.5
CVSS
HIGH
CVE-2025-57776

There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.

pub. 2025-09-02
8.5
CVSS
HIGH
CVE-2025-57777

There is an out of bounds write vulnerability due to improper bounds checking in displ2.dll when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.

pub. 2025-09-02
8.5
CVSS
HIGH
CVE-2025-57778

There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid source address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.

pub. 2025-09-02
8.5
CVSS
HIGH
CVE-2025-9189

There is an out of bounds write vulnerability due to improper bounds checking resulting in a large destination address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab.

pub. 2025-09-02
8.5
CVSS
HIGH
CVE-2025-7848

A memory corruption vulnerability due to improper input validation in lvpict.cpp exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

pub. 2025-07-29
8.5
CVSS
HIGH
CVE-2025-7849

A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

pub. 2025-07-29
8.4
CVSS
HIGH
CVE-2026-8036

Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.

pub. 2026-06-02
8.4
CVSS
HIGH
CVE-2024-10494

An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions.

pub. 2024-12-10
8.4
CVSS
HIGH
CVE-2024-10495

An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions.

pub. 2024-12-10
8.4
CVSS
HIGH
CVE-2024-10496

An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions.

pub. 2024-12-10
Pokazano 20 z 57 podatności
Informacje
ID: CWE-1285
Typ: Base
Podatności: 57
MITRE CWE ↗
← Słownik CWE