CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

CWE-119

Children

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (1,841)

page 28 of 93

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2018-9989	Arm MbedTLS	Hig	0.49	7.5	0.00	Apr 10, 2018	ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.
CVE-2018-9988	Arm MbedTLS	Hig	0.49	7.5	0.01	Apr 10, 2018	ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.
CVE-2017-17935	Wireshark Wireshark	Hig	0.49	7.5	0.00	Dec 27, 2017	The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted…
CVE-2017-13878	Apple Inc. macOS	Hig	0.49	7.1	0.00	Dec 25, 2017	An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read and system crash).
CVE-2017-15320	Huawei Te30	Hig	0.49	7.5	0.00	Dec 22, 2017	RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input…
CVE-2017-15319	Huawei Te30	Hig	0.49	7.5	0.00	Dec 22, 2017	RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input…
CVE-2017-15318	Huawei Te30	Hig	0.49	7.5	0.00	Dec 22, 2017	RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input…
CVE-2017-15317	Huawei AR1200	Hig	0.49	7.5	0.00	Dec 22, 2017	AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02,…
CVE-2017-17818	Nasm NASM	Hig	0.49	7.5	0.01	Dec 21, 2017	In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.
CVE-2017-17783	Graphicsmagick Graphicsmagick	Hig	0.49	7.5	0.00	Dec 20, 2017	In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.
CVE-2017-17066	Getkovri Kovri	Hig	0.49	7.5	0.01	Dec 5, 2017	The (1) i2pd before 2.17 and (2) kovri pre-alpha implementations of the I2P routing protocol do not properly handle Garlic DeliveryTypeTunnel packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer…
CVE-2017-11093	Qualcomm MSM	Hig	0.49	7.5	0.00	Nov 16, 2017	In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be…
CVE-2017-11090	Google Android	Hig	0.49	7.5	0.00	Nov 16, 2017	In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in __wlan_hdd_cfg80211_set_pmksa when user space application sends PMKID of size less than WLAN_PMKID_LEN bytes.
CVE-2017-11089	Google Android	Hig	0.49	7.5	0.01	Nov 16, 2017	In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes
CVE-2017-11058	Google Android SDK	Hig	0.49	7.5	0.00	Nov 16, 2017	In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur.
CVE-2017-15228	Irssi Irssi	Hig	0.49	7.5	0.00	Oct 22, 2017	Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string.
CVE-2017-9717	Google Android	Hig	0.49	7.5	0.00	Oct 10, 2017	In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur.
CVE-2017-9715	Google Android	Hig	0.49	7.5	0.00	Oct 10, 2017	In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur.
CVE-2017-11064	Google Android	Hig	0.49	7.5	0.00	Oct 10, 2017	In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211…
CVE-2017-11062	Google Android	Hig	0.49	7.5	0.00	Oct 10, 2017	In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in __wlan_hdd_cfg80211_do_acs which can potentially lead to a buffer overread.

CVE-2018-9989HigApr 10, 2018
Arm
MbedTLS
risk 0.49cvss 7.5epss 0.00
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.
CVE-2018-9988HigApr 10, 2018
Arm
MbedTLS
risk 0.49cvss 7.5epss 0.01
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.
CVE-2017-17935HigDec 27, 2017
Wireshark
Wireshark
risk 0.49cvss 7.5epss 0.00
The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted…
CVE-2017-13878HigDec 25, 2017
Apple Inc.
macOS
risk 0.49cvss 7.1epss 0.00
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read and system crash).
CVE-2017-15320HigDec 22, 2017
Huawei
Te30
risk 0.49cvss 7.5epss 0.00
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input…
CVE-2017-15319HigDec 22, 2017
Huawei
Te30
risk 0.49cvss 7.5epss 0.00
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input…
CVE-2017-15318HigDec 22, 2017
Huawei
Te30
risk 0.49cvss 7.5epss 0.00
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input…
CVE-2017-15317HigDec 22, 2017
Huawei
AR1200
risk 0.49cvss 7.5epss 0.00
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02,…
CVE-2017-17818HigDec 21, 2017
Nasm
NASM
risk 0.49cvss 7.5epss 0.01
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.
CVE-2017-17783HigDec 20, 2017
Graphicsmagick
Graphicsmagick
risk 0.49cvss 7.5epss 0.00
In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.
CVE-2017-17066HigDec 5, 2017
Getkovri
Kovri
risk 0.49cvss 7.5epss 0.01
The (1) i2pd before 2.17 and (2) kovri pre-alpha implementations of the I2P routing protocol do not properly handle Garlic DeliveryTypeTunnel packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer…
CVE-2017-11093HigNov 16, 2017
Qualcomm
MSM
risk 0.49cvss 7.5epss 0.00
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be…
CVE-2017-11090HigNov 16, 2017
Google
Android
risk 0.49cvss 7.5epss 0.00
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in __wlan_hdd_cfg80211_set_pmksa when user space application sends PMKID of size less than WLAN_PMKID_LEN bytes.
CVE-2017-11089HigNov 16, 2017
Google
Android
risk 0.49cvss 7.5epss 0.01
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes
CVE-2017-11058HigNov 16, 2017
Google
Android SDK
risk 0.49cvss 7.5epss 0.00
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur.
CVE-2017-15228HigOct 22, 2017
Irssi
Irssi
risk 0.49cvss 7.5epss 0.00
Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string.
CVE-2017-9717HigOct 10, 2017
Google
Android
risk 0.49cvss 7.5epss 0.00
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur.
CVE-2017-9715HigOct 10, 2017
Google
Android
risk 0.49cvss 7.5epss 0.00
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur.
CVE-2017-11064HigOct 10, 2017
Google
Android
risk 0.49cvss 7.5epss 0.00
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211…
CVE-2017-11062HigOct 10, 2017
Google
Android
risk 0.49cvss 7.5epss 0.00
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in __wlan_hdd_cfg80211_do_acs which can potentially lead to a buffer overread.