CWE-125
Out-of-bounds Read
Description
The product reads data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-540
CVEs mapped to this weakness (2,466)
page 12 of 124| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-14197 | Cri | 0.59 | 9.1 | 0.02 | Jul 31, 2019 | An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | ||
| CVE-2018-17983 | — | Cri | 0.59 | 9.1 | 0.02 | Oct 4, 2018 | cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry. | |
| CVE-2017-7758 | Cri | 0.59 | 9.1 | 0.03 | Jun 11, 2018 | An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | ||
| CVE-2017-7753 | Cri | 0.59 | 9.1 | 0.03 | Jun 11, 2018 | An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | ||
| CVE-2018-3745 | — | Cri | 0.59 | 9.1 | 0.02 | May 29, 2018 | atob 2.0.3 and earlier allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. | |
| CVE-2018-1000034 | Cri | 0.59 | 9.1 | 0.01 | Feb 9, 2018 | An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. | ||
| CVE-2018-1000033 | Cri | 0.59 | 9.1 | 0.02 | Feb 9, 2018 | An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. | ||
| CVE-2017-0854 | Cri | 0.59 | 9.1 | 0.00 | Nov 16, 2017 | An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63873837. | ||
| CVE-2017-7544 | Cri | 0.59 | 9.1 | 0.03 | Sep 21, 2017 | libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information… | ||
| CVE-2017-14608 | Cri | 0.59 | 9.1 | 0.02 | Sep 20, 2017 | In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. | ||
| CVE-2017-14122 | Cri | 0.59 | 9.1 | 0.02 | Sep 3, 2017 | unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp. | ||
| CVE-2017-9053 | Cri | 0.59 | 9.1 | 0.02 | May 18, 2017 | An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in _dwarf_read_loc_expr_op() is due to a failure to check a pointer for being in bounds (in a few places in this function). | ||
| CVE-2017-8872 | Cri | 0.59 | 9.1 | 0.02 | May 10, 2017 | The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure. | ||
| CVE-2017-7226 | Cri | 0.59 | 9.1 | 0.02 | Mar 22, 2017 | The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several… | ||
| CVE-2017-6969 | Cri | 0.59 | 9.1 | 0.04 | Mar 17, 2017 | readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well. | ||
| CVE-2017-5545 | Cri | 0.59 | 9.1 | 0.04 | Jan 21, 2017 | The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short. | ||
| CVE-2017-5209 | Cri | 0.59 | 9.1 | 0.03 | Jan 11, 2017 | The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data. | ||
| CVE-2016-6520 | Cri | 0.59 | 9.1 | 0.04 | Dec 13, 2016 | Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology. | ||
| CVE-2014-1508 | Cri | 0.59 | 9.1 | 0.04 | Mar 19, 2014 | The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read… | ||
| CVE-2011-3406 | Hig | 0.59 | 8.8 | 0.23 | Dec 14, 2011 | Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold… |
- risk 0.59cvss 9.1epss 0.02
An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.
- risk 0.59cvss 9.1epss 0.02
cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.
- risk 0.59cvss 9.1epss 0.03
An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
- risk 0.59cvss 9.1epss 0.03
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
- risk 0.59cvss 9.1epss 0.02
atob 2.0.3 and earlier allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below.
- risk 0.59cvss 9.1epss 0.01
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
- risk 0.59cvss 9.1epss 0.02
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
- risk 0.59cvss 9.1epss 0.00
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63873837.
- risk 0.59cvss 9.1epss 0.03
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information…
- risk 0.59cvss 9.1epss 0.02
In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.
- risk 0.59cvss 9.1epss 0.02
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.
- risk 0.59cvss 9.1epss 0.02
An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in _dwarf_read_loc_expr_op() is due to a failure to check a pointer for being in bounds (in a few places in this function).
- risk 0.59cvss 9.1epss 0.02
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.
- risk 0.59cvss 9.1epss 0.02
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several…
- risk 0.59cvss 9.1epss 0.04
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
- risk 0.59cvss 9.1epss 0.04
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
- risk 0.59cvss 9.1epss 0.03
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.
- risk 0.59cvss 9.1epss 0.04
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.
- risk 0.59cvss 9.1epss 0.04
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read…
- risk 0.59cvss 8.8epss 0.23
Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold…