CWE-129: CWE-129
Yearly Trend
Top Affected Vendors
All CWE-129 CVEs (191)
This vulnerability in Garmin Forerunner 235 devices allows attackers to potentially execute arbitrary code by exploiting an array index error in the C...
Nov 16, 2020This vulnerability in Garmin Forerunner 235 devices allows malicious ConnectIQ store applications to escape the restricted execution environment throu...
Nov 16, 2020This vulnerability allows memory corruption during PLMN selection from the SOR failed list in Qualcomm chipsets, potentially enabling remote code exec...
Sep 24, 2025This vulnerability allows remote attackers to execute arbitrary code or cause denial of service by sending specially crafted ML IE frames to affected ...
Feb 3, 2025This CVE-2024-38623 is a buffer overflow vulnerability in the Linux kernel's NTFS3 filesystem driver. It allows attackers to write beyond allocated me...
Jun 21, 2024This is an array overflow vulnerability in the Linux kernel's HNS ethernet driver that could allow local attackers to cause kernel memory corruption. ...
May 24, 2024CVE-2024-34048 is a critical buffer overflow vulnerability in O-RAN RIC I-Release e2mgr where the E2nodeConfigUpdateNotificationHandler lacks proper a...
Apr 30, 2024CVE-2024-31581 is an improper array index validation vulnerability in FFmpeg's H.266 video codec parser that allows attackers to trigger undefined beh...
Apr 17, 2024Vyper smart contract compiler fails to properly validate array index types, allowing signed integers (including negative values) to be used as array i...
Feb 7, 2024This vulnerability allows attackers to send specially crafted Ethernet requests to improperly validated array indexes, potentially causing denial of s...
Apr 18, 2023CVE-2022-26100 is a critical input validation vulnerability in SAPCAR archive utility version 7.22 that allows attackers to crash the process and pote...
Mar 10, 2022This vulnerability allows remote attackers to trigger a UE (User Equipment) assertion in Qualcomm Snapdragon chipsets by sending a specially crafted S...
Sep 9, 2021This vulnerability in Foxit PDF software allows attackers to trigger memory corruption through malformed PDF files, potentially leading to remote code...
Aug 11, 2021A buffer overflow vulnerability in Qualcomm Snapdragon modem firmware allows attackers to execute arbitrary code or cause denial of service. This affe...
Jul 13, 2021This vulnerability allows remote attackers to execute arbitrary code or cause denial of service via buffer overflow in IKEv2 protocol handling in Qual...
Jun 9, 2021This CVE describes an Improper Validation of Array Index vulnerability in Huawei smartphones that allows attackers to execute arbitrary code with syst...
Jun 3, 2021This vulnerability allows attackers to write data beyond allocated memory boundaries while parsing RTT/TTY packets in Qualcomm Snapdragon chipsets. It...
Mar 17, 2021This is a critical out-of-bounds read vulnerability in CGAL's Nef polygon-parsing functionality that can lead to arbitrary code execution. Attackers c...
Mar 4, 2021CVE-2020-28601 is a critical out-of-bounds read vulnerability in CGAL's Nef polygon-parsing functionality that can lead to remote code execution. Atta...
Mar 4, 2021This vulnerability allows remote code execution via buffer overflow in Qualcomm Snapdragon chipsets when processing IKEv2 parameters from ePDG servers...
Feb 22, 2021This vulnerability in Huawei smartphones allows attackers to exploit improper array index validation, potentially causing memory overflow and informat...
Dec 7, 2021A buffer overflow vulnerability in PostgreSQL's text manipulation functions allows authenticated database users to execute arbitrary code with the pri...
Feb 12, 2026This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious SFD font files or visiting malicious web...
Dec 31, 2025This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious SFD font files or visiting malicious web...
Dec 31, 2025This is a memory corruption vulnerability in Apple's WebKit browser engine that allows arbitrary code execution when processing malicious web content....
Aug 14, 2023This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022CVE-2020-35631 is a critical vulnerability in CGAL library's Nef polygon-parsing functionality that allows remote code execution through specially cra...
Apr 18, 2022CVE-2020-28616 is an out-of-bounds read vulnerability in CGAL's Nef polygon-parsing functionality that can lead to type confusion and potential remote...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability allows remote code execution through specially crafted files in CGAL library's Nef polygon-parsing functionality. Attackers can exp...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability allows remote code execution through specially crafted polygon files in CGAL library versions up to 5.1.1. Attackers can exploit ou...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted files that trigger out-of-bounds read and type confusion in ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. Attackers can exploit out-of-bounds read and ...
Apr 18, 2022This vulnerability in CGAL library allows remote code execution through specially crafted polygon files. An attacker can exploit out-of-bounds read an...
Apr 18, 2022This vulnerability allows a malicious USB device host to manipulate endpoint indexes in the Linux kernel's Xilinx USB gadget driver, leading to out-of...
Mar 16, 2022This vulnerability allows remote code execution through a specially crafted file that triggers an out-of-bounds read and type confusion in CGAL's Nef ...
Aug 30, 2021This vulnerability allows remote code execution through an out-of-bounds read and type confusion in CGAL's Nef polygon-parsing functionality. Attacker...
Aug 30, 2021CVE-2020-28589 is an improper array index validation vulnerability in tinyobjloader's LoadObj functionality that allows remote code execution via a ma...
Aug 11, 2021This vulnerability in FFmpeg's EXR image decoder allows out-of-bounds array access due to insufficient validation of the dc_count parameter. Attackers...
Jun 3, 2021An unauthenticated remote attacker can send crafted DHCPv6 messages to Cisco IOS/IOS XE devices with DHCPv6 relay or server features enabled, causing ...
Mar 23, 2023About CWE-129 (CWE-129)
Our database tracks 191 CVEs classified as CWE-129, with 21 rated critical and 148 rated high severity. The average CVSS score for CWE-129 vulnerabilities is 7.9.
External reference: View CWE-129 on MITRE CWE →
Monitor CWE-129 Vulnerabilities
Get alerted when new CWE-129 CVEs affect your infrastructure.
Start Monitoring Free