VYPR

CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 19 of 124
  • CVE-2017-14034HigNov 16, 2017
    risk 0.57cvss 8.8epss 0.02

    The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have…

  • CVE-2017-15672HigNov 6, 2017
    risk 0.57cvss 8.8epss 0.02

    The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read.

  • CVE-2017-5088HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.03

    Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.

  • CVE-2017-5077HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.03

    Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

  • CVE-2017-5055HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.02

    A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

  • CVE-2017-5054HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.01

    An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page.

  • CVE-2017-14795HigSep 28, 2017
    risk 0.57cvss 8.8epss 0.01

    The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with hls_pcm_sample in…

  • CVE-2017-14316HigSep 12, 2017
    risk 0.57cvss 8.8epss 0.00

    A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While…

  • CVE-2017-13738HigAug 29, 2017
    risk 0.57cvss 8.8epss 0.02

    There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0.

  • CVE-2017-12937HigAug 18, 2017
    risk 0.57cvss 8.8epss 0.02

    The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.

  • CVE-2017-12935HigAug 18, 2017
    risk 0.57cvss 8.8epss 0.02

    The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.

  • CVE-2017-12640HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.02

    ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.

  • CVE-2017-12599HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.02

    OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread.

  • CVE-2017-12598HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.02

    OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case.

  • CVE-2017-10928HigJul 5, 2017
    risk 0.57cvss 8.8epss 0.04

    In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the…

  • CVE-2017-8787HigMay 5, 2017
    risk 0.57cvss 8.8epss 0.02

    The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file.

  • CVE-2016-10195CriMar 15, 2017
    risk 0.57cvss 9.8epss 0.07

    The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read.

  • CVE-2017-5563HigJan 23, 2017
    risk 0.57cvss 8.8epss 0.03

    LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.

  • CVE-2016-8878HigOct 31, 2016
    risk 0.57cvss 8.8epss 0.03

    Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be…

  • CVE-2016-3621HigOct 3, 2016
    risk 0.57cvss 8.8epss 0.02

    The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.