VYPR

CWE-125

Out-of-bounds Read

Base · Draft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 2 of 124
  • CVE-2018-14819 · Critical · Sep 26, 2018
    risk 0.64 · cvss 9.8 · epss 0.04

    In Fuji Electric V-Server 4.0.3.0 and prior, an out-of-bounds read vulnerability has been identified, which may allow remote code execution.

  • CVE-2018-17072 · Critical · Sep 16, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.

  • CVE-2018-11058 · Critical · Sep 14, 2018
    risk 0.64 · cvss 9.8 · epss 0.04

    RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x), contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously…

  • CVE-2018-14565 · Critical · Jul 23, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h.

  • CVE-2018-14532 · Critical · Jul 23, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846.

  • CVE-2018-13996 · Critical · Jul 12, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c.

  • CVE-2018-13873 · Critical · Jul 10, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c.

  • CVE-2018-13870 · Critical · Jul 10, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.

  • CVE-2018-13868 · Critical · Jul 10, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in H5Ofill.c.

  • CVE-2018-13867 · Critical · Jul 10, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5F__accum_read in H5Faccum.c.

  • CVE-2018-13866 · Critical · Jul 10, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in H5Fint.c.

  • CVE-2018-13846 · Critical · Jul 10, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-2018-14532.

  • CVE-2018-13845 · Critical · Jul 10, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c.

  • CVE-2018-13421 · Critical · Jul 7, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    Fast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a heap-based buffer over-read in io::trim_chars in csv.h.

  • CVE-2018-5855 · Critical · Jul 6, 2018
    risk 0.64 · cvss 9.8 · epss 0.01

    While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read can potentially occur.

  • CVE-2018-5882 · Critical · Jul 6, 2018
    risk 0.64 · cvss 9.8 · epss 0.01

    While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.

  • CVE-2018-12910 · Critical · Jul 5, 2018
    risk 0.64 · cvss 9.8 · epss 0.04

    The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.

  • CVE-2018-13026 · Critical · Jun 30, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Type.

  • CVE-2018-13011 · Critical · Jun 29, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Validate.

  • CVE-2018-13009 · Critical · Jun 29, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check).