VYPR

CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 14 of 124
  • CVE-2017-16401HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is…

  • CVE-2017-16400HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is…

  • CVE-2017-16399HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference in the XPS parsing module.…

  • CVE-2017-16397HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is…

  • CVE-2017-16394HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is…

  • CVE-2017-16384HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the exif processing module…

  • CVE-2017-16382HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is…

  • CVE-2017-16376HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is…

  • CVE-2017-16374HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the JPEG 2000 module. An…

  • CVE-2017-16370HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs because of a computation that reads data that is past…

  • CVE-2017-16365HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the True Type2 Font parsing…

  • CVE-2017-16363HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the module that handles…

  • CVE-2017-16362HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of an out of bounds read vulnerability in the…

  • CVE-2017-9935HigJun 26, 2017
    risk 0.58cvss 8.8epss 0.04

    In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or…

  • CVE-2017-8454HigMay 3, 2017
    risk 0.58cvss 8.8epss 0.04

    Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.

  • CVE-2017-8453HigMay 3, 2017
    risk 0.58cvss 8.8epss 0.04

    Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.

  • CVE-2016-6491HigDec 13, 2016
    risk 0.58cvss 8.8epss 0.05

    Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.

  • CVE-1999-0029HigJul 16, 1997
    risk 0.58cvss 8.4epss 0.01

    root privileges via buffer overflow in ordist command on SGI IRIX systems.

  • CVE-2026-11301HigJun 5, 2026
    risk 0.57cvss 8.8epss 0.00

    Inappropriate implementation in LiveCaption in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via malicious network traffic. (Chromium security severity: Low)

  • CVE-2026-11279HigJun 5, 2026
    risk 0.57cvss 8.8epss 0.00

    Out of bounds read in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)