CWE-125
Out-of-bounds Read
Description
The product reads data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-540
CVEs mapped to this weakness (2,466)
page 18 of 124| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-7438 | Hig | 0.57 | 8.8 | 0.02 | Feb 23, 2018 | An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parse_unicode_string function. | ||
| CVE-2018-7437 | — | Hig | 0.57 | 8.8 | 0.02 | Feb 23, 2018 | An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parse_SST function. | |
| CVE-2018-7436 | Hig | 0.57 | 8.8 | 0.02 | Feb 23, 2018 | An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a pointer dereference of the parse_SST function. | ||
| CVE-2018-7435 | Hig | 0.57 | 8.8 | 0.02 | Feb 23, 2018 | An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the freexl::destroy_cell function. | ||
| CVE-2017-15388 | Hig | 0.57 | 8.8 | 0.02 | Feb 7, 2018 | Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||
| CVE-2018-6406 | Hig | 0.57 | 8.8 | 0.02 | Jan 30, 2018 | The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read… | ||
| CVE-2018-6315 | Hig | 0.57 | 8.8 | 0.03 | Jan 25, 2018 | The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file. | ||
| CVE-2018-5360 | Hig | 0.57 | 8.8 | 0.02 | Jan 14, 2018 | LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27. | ||
| CVE-2018-5248 | Hig | 0.57 | 8.8 | 0.04 | Jan 5, 2018 | In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function. | ||
| CVE-2017-17942 | Hig | 0.57 | 8.8 | 0.02 | Dec 28, 2017 | In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. | ||
| CVE-2017-17915 | Hig | 0.57 | 8.8 | 0.02 | Dec 27, 2017 | In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached. | ||
| CVE-2017-17913 | Hig | 0.57 | 8.8 | 0.02 | Dec 27, 2017 | In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type. | ||
| CVE-2017-17912 | Hig | 0.57 | 8.8 | 0.02 | Dec 27, 2017 | In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region. | ||
| CVE-2017-17880 | Hig | 0.57 | 8.8 | 0.01 | Dec 27, 2017 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check. | ||
| CVE-2017-17879 | Hig | 0.57 | 8.8 | 0.03 | Dec 27, 2017 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error. | ||
| CVE-2017-17782 | Hig | 0.57 | 8.8 | 0.02 | Dec 20, 2017 | In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation. | ||
| CVE-2017-17503 | Hig | 0.57 | 8.8 | 0.02 | Dec 11, 2017 | ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17502 | Hig | 0.57 | 8.8 | 0.02 | Dec 11, 2017 | ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17501 | Hig | 0.57 | 8.8 | 0.03 | Dec 11, 2017 | WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17500 | Hig | 0.57 | 8.8 | 0.03 | Dec 11, 2017 | ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file. |
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parse_unicode_string function.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parse_SST function.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a pointer dereference of the parse_SST function.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the freexl::destroy_cell function.
- risk 0.57cvss 8.8epss 0.02
Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read…
- risk 0.57cvss 8.8epss 0.03
The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file.
- risk 0.57cvss 8.8epss 0.02
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.
- risk 0.57cvss 8.8epss 0.04
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.
- risk 0.57cvss 8.8epss 0.02
In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region.
- risk 0.57cvss 8.8epss 0.01
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check.
- risk 0.57cvss 8.8epss 0.03
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation.
- risk 0.57cvss 8.8epss 0.02
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.02
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.03
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.03
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.