CWE-125
Out-of-bounds Read
Description
The product reads data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-540
CVEs mapped to this weakness (2,466)
page 2 of 124| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-14819 | Cri | 0.64 | 9.8 | 0.04 | Sep 26, 2018 | Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulnerability has been identified, which may allow remote code execution. | ||
| CVE-2018-17072 | Cri | 0.64 | 9.8 | 0.02 | Sep 16, 2018 | JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y. | ||
| CVE-2018-11058 | Cri | 0.64 | 9.8 | 0.04 | Sep 14, 2018 | RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously… | ||
| CVE-2018-14565 | Cri | 0.64 | 9.8 | 0.02 | Jul 23, 2018 | An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h. | ||
| CVE-2018-14532 | Cri | 0.64 | 9.8 | 0.02 | Jul 23, 2018 | An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846. | ||
| CVE-2018-13996 | Cri | 0.64 | 9.8 | 0.02 | Jul 12, 2018 | Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c. | ||
| CVE-2018-13873 | Cri | 0.64 | 9.8 | 0.02 | Jul 10, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c. | ||
| CVE-2018-13870 | Cri | 0.64 | 9.8 | 0.02 | Jul 10, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c. | ||
| CVE-2018-13868 | Cri | 0.64 | 9.8 | 0.02 | Jul 10, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in H5Ofill.c. | ||
| CVE-2018-13867 | Cri | 0.64 | 9.8 | 0.02 | Jul 10, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c. | ||
| CVE-2018-13866 | Cri | 0.64 | 9.8 | 0.02 | Jul 10, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in H5Fint.c. | ||
| CVE-2018-13846 | Cri | 0.64 | 9.8 | 0.02 | Jul 10, 2018 | An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-2018-14532. | ||
| CVE-2018-13845 | Cri | 0.64 | 9.8 | 0.02 | Jul 10, 2018 | An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c. | ||
| CVE-2018-13421 | Cri | 0.64 | 9.8 | 0.02 | Jul 7, 2018 | Fast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a heap-based buffer over-read in io::trim_chars in csv.h. | ||
| CVE-2018-5855 | — | Cri | 0.64 | 9.8 | 0.01 | Jul 6, 2018 | While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read can potentially occur. | |
| CVE-2018-5882 | Cri | 0.64 | 9.8 | 0.01 | Jul 6, 2018 | While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. | ||
| CVE-2018-12910 | Cri | 0.64 | 9.8 | 0.04 | Jul 5, 2018 | The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. | ||
| CVE-2018-13026 | Cri | 0.64 | 9.8 | 0.02 | Jun 30, 2018 | An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Type. | ||
| CVE-2018-13011 | Cri | 0.64 | 9.8 | 0.02 | Jun 29, 2018 | An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Validate. | ||
| CVE-2018-13009 | Cri | 0.64 | 9.8 | 0.02 | Jun 29, 2018 | An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check). |
- risk 0.64cvss 9.8epss 0.04
Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulnerability has been identified, which may allow remote code execution.
- risk 0.64cvss 9.8epss 0.02
JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.
- risk 0.64cvss 9.8epss 0.04
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846.
- risk 0.64cvss 9.8epss 0.02
Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in H5Ofill.c.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in H5Fint.c.
- risk 0.64cvss 9.8epss 0.02
An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-2018-14532.
- risk 0.64cvss 9.8epss 0.02
An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c.
- risk 0.64cvss 9.8epss 0.02
Fast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a heap-based buffer over-read in io::trim_chars in csv.h.
- risk 0.64cvss 9.8epss 0.01
While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read can potentially occur.
- risk 0.64cvss 9.8epss 0.01
While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
- risk 0.64cvss 9.8epss 0.04
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Type.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Validate.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check).