11 vulnerabilities classified as CWE-118 (对可索引资源的访问不恰当(越界错误)). AI Chinese analysis included.
CWE-118, Incorrect Access of Indexable Resource, is a critical memory safety weakness where software fails to properly validate bounds before accessing indexed data structures like arrays or buffers. Attackers typically exploit this vulnerability by supplying crafted input that exceeds the allocated resource limits, enabling unauthorized memory reads or writes. This can lead to severe consequences, including application crashes, data corruption, or the execution of arbitrary code through buffer overflow techniques. To mitigate this risk, developers must implement rigorous input validation and enforce strict boundary checks before any indexing operation. Utilizing safe programming languages with automatic memory management, employing static analysis tools to detect out-of-bounds access, and adopting defensive coding practices that explicitly verify array indices against their maximum valid values are essential strategies for preventing these exploitable errors in production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-54628 | Huawei HarmonyOS和Huawei EMUI 安全漏洞 — HarmonyOS | 5.3 | Medium | 2025-08-06 |
| CVE-2025-48902 | Huawei HarmonyOS 安全漏洞 — HarmonyOS | 6.6 | Medium | 2025-06-06 |
| CVE-2024-43524 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability — Windows 10 Version 1809 | 6.8 | Medium | 2024-10-08 |
| CVE-2023-37922 | GTKWave 代码问题漏洞 — GTKWave | 7.8 | High | 2024-01-08 |
| CVE-2023-37923 | GTKWave 代码问题漏洞 — GTKWave | 7.8 | High | 2024-01-08 |
| CVE-2023-37921 | GTKWave 代码问题漏洞 — GTKWave | 7.8 | High | 2024-01-08 |
| CVE-2023-0201 | NVIDIA DGX-2 缓冲区错误漏洞 — NVIDIA DGX servers | 6.7 | Medium | 2023-04-22 |
| CVE-2022-38072 | ADMesh 输入验证错误漏洞 — ADMesh | 6.5 | Medium | 2023-04-03 |
| CVE-2022-36402 | There is an int overflow vulnerability in vmwgfx driver — kernel | 6.3 | Medium | 2022-09-16 |
| CVE-2020-3369 | Cisco SD-WAN vEdge Routers Denial of Service Vulnerability — Cisco SD-WAN vEdge router | 7.5 | - | 2020-07-16 |
| CVE-2020-3235 | Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability — Cisco IOS 12.2(53)SG1 | 7.7 | - | 2020-06-03 |
Vulnerabilities classified as CWE-118 (对可索引资源的访问不恰当(越界错误)) represent 11 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.