VYPR

CWE-125

Out-of-bounds Read

Base | Draft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 16 of 124
  • CVE-2025-4919 | High | May 17, 2025
    risk 0.57 | cvss 8.8 | epss 0.06

    An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability was fixed in Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbird 128.10.2, and Thunderbird 138.0.2.

  • CVE-2025-36521 | High | May 1, 2025
    risk 0.57 | cvss 8.8 | epss 0.00

    MicroDicom DICOM Viewer is vulnerable to an out-of-bounds read which may allow an attacker to cause memory corruption within the application. The user must open a malicious DCM file for exploitation.

  • CVE-2024-48457 | High | Jan 6, 2025
    risk 0.57 | cvss 7.5 | epss 0.03

    An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and…

  • CVE-2023-51395 | High | Mar 7, 2024
    risk 0.57 | cvss 8.8 | epss 0.00

    The vulnerability described by CVE-2023-0972 has been additionally discovered in Silicon Labs Z-Wave end devices. This vulnerability may allow an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.

  • CVE-2019-19778 | High | Dec 13, 2019
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c.

  • CVE-2019-19777 | High | Dec 13, 2019
    risk 0.57 | cvss 8.8 | epss 0.01

    stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main.

  • CVE-2018-18196 | High | Oct 9, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in RIFF::List::GetListTypeString in RIFF.cpp.

  • CVE-2018-18194 | High | Oct 9, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample() in DLS.cpp.

  • CVE-2018-16764 | High | Sep 10, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an IR::FunctionValidationContext::catch_all heap-based buffer over-read.

  • CVE-2018-16438 | High | Sep 4, 2018
    risk 0.57 | cvss 8.8 | epss 0.02

    An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.

  • CVE-2018-16430 | High | Sep 4, 2018
    risk 0.57 | cvss 8.8 | epss 0.03

    GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.

  • CVE-2018-14589 | High | Jul 24, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.

  • CVE-2018-14587 | High | Jul 24, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.

  • CVE-2018-14585 | High | Jul 24, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.

  • CVE-2018-14584 | High | Jul 24, 2018
    risk 0.57 | cvss 8.8 | epss 0.02

    An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read.

  • CVE-2018-14460 | High | Jul 20, 2018
    risk 0.57 | cvss 8.8 | epss 0.02

    An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.

  • CVE-2018-14454 | High | Jul 20, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp.

  • CVE-2018-14452 | High | Jul 20, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp.

  • CVE-2018-14450 | High | Jul 20, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp.

  • CVE-2018-14449 | High | Jul 20, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp.