CWE-125
Out-of-bounds Read
Description
The product reads data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-540
CVEs mapped to this weakness (2,466)
page 124 of 124| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-1120 | 0.00 | — | 0.02 | Mar 1, 2011 | The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717. | |||
| CVE-2011-1113 | 0.00 | — | 0.02 | Mar 1, 2011 | Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-0984 | 0.00 | — | 0.02 | Feb 10, 2011 | Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2004-0421 | 0.00 | — | 0.04 | Aug 18, 2004 | The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. | |||
| CVE-2004-0221 | 0.00 | — | 0.04 | May 4, 2004 | isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||
| CVE-2004-0183 | 0.00 | — | 0.06 | May 4, 2004 | TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. |
- CVE-2011-1120Mar 1, 2011risk 0.00cvss —epss 0.02
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717.
- CVE-2011-1113Mar 1, 2011risk 0.00cvss —epss 0.02
Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-0984Feb 10, 2011risk 0.00cvss —epss 0.02
Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2004-0421Aug 18, 2004risk 0.00cvss —epss 0.04
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
- CVE-2004-0221May 4, 2004risk 0.00cvss —epss 0.04
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite.
- CVE-2004-0183May 4, 2004risk 0.00cvss —epss 0.06
TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.