VYPR

CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 12 of 124
  • CVE-2019-14197CriJul 31, 2019
    risk 0.59cvss 9.1epss 0.02

    An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.

  • CVE-2018-17983CriOct 4, 2018
    risk 0.59cvss 9.1epss 0.02

    cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.

  • CVE-2017-7758CriJun 11, 2018
    risk 0.59cvss 9.1epss 0.03

    An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

  • CVE-2017-7753CriJun 11, 2018
    risk 0.59cvss 9.1epss 0.03

    An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

  • CVE-2018-3745CriMay 29, 2018
    risk 0.59cvss 9.1epss 0.02

    atob 2.0.3 and earlier allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below.

  • CVE-2018-1000034CriFeb 9, 2018
    risk 0.59cvss 9.1epss 0.01

    An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.

  • CVE-2018-1000033CriFeb 9, 2018
    risk 0.59cvss 9.1epss 0.02

    An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.

  • CVE-2017-0854CriNov 16, 2017
    risk 0.59cvss 9.1epss 0.00

    An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63873837.

  • CVE-2017-7544CriSep 21, 2017
    risk 0.59cvss 9.1epss 0.03

    libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information…

  • CVE-2017-14608CriSep 20, 2017
    risk 0.59cvss 9.1epss 0.02

    In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

  • CVE-2017-14122CriSep 3, 2017
    risk 0.59cvss 9.1epss 0.02

    unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.

  • CVE-2017-9053CriMay 18, 2017
    risk 0.59cvss 9.1epss 0.02

    An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in _dwarf_read_loc_expr_op() is due to a failure to check a pointer for being in bounds (in a few places in this function).

  • CVE-2017-8872CriMay 10, 2017
    risk 0.59cvss 9.1epss 0.02

    The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.

  • CVE-2017-7226CriMar 22, 2017
    risk 0.59cvss 9.1epss 0.02

    The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several…

  • CVE-2017-6969CriMar 17, 2017
    risk 0.59cvss 9.1epss 0.04

    readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.

  • CVE-2017-5545CriJan 21, 2017
    risk 0.59cvss 9.1epss 0.04

    The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.

  • CVE-2017-5209CriJan 11, 2017
    risk 0.59cvss 9.1epss 0.03

    The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.

  • CVE-2016-6520CriDec 13, 2016
    risk 0.59cvss 9.1epss 0.04

    Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.

  • CVE-2014-1508CriMar 19, 2014
    risk 0.59cvss 9.1epss 0.04

    The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read…

  • CVE-2011-3406HigDec 14, 2011
    risk 0.59cvss 8.8epss 0.23

    Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold…