CWE-118 · Incorrect Access of Indexable Resource ('Range Error')
15 CVEs classified under CWE-118 (Incorrect Access of Indexable Resource ('Range Error')). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2014-9411 | Critical | 9.8 | 2017-08-18 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback p… |
CVE-2020-3369 | High | 8.6 | 2020-07-16 | A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of s… |
CVE-2023-37923 | High | 7.8 | 2024-01-08 | Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary… |
CVE-2023-37922 | High | 7.8 | 2024-01-08 | Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary… |
CVE-2023-37921 | High | 7.8 | 2024-01-08 | Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary… |
CVE-2017-5884 | High | 7.8 | 2017-02-28 | gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x… |
CVE-2020-3235 | High | 7.7 | 2020-06-03 | A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches cou… |
CVE-2024-43524 | Medium | 6.8 | 2024-10-08 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
CVE-2023-0201 | Medium | 6.7 | 2023-04-22 | NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may l… |
CVE-2025-48902 | Medium | 6.6 | 2025-06-06 | Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2022-38072 | Medium | 6.5 | 2023-04-03 | An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially… |
CVE-2017-10872 | Medium | 6.5 | 2017-12-22 | H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors. |
CVE-2022-36402 | Medium | 6.3 | 2022-09-16 | An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri… |
CVE-2025-54628 | Medium | 5.3 | 2025-08-06 | Vulnerability of incomplete verification information in the communication module. Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2017-0302 | Medium | 5.3 | 2017-05-09 | In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a tra… |