CWE-125
Out-of-bounds Read
Description
The product reads data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-540
CVEs mapped to this weakness (2,466)
page 3 of 124| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-13008 | Cri | 0.64 | 9.8 | 0.02 | Jun 29, 2018 | An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level. | ||
| CVE-2018-13007 | Cri | 0.64 | 9.8 | 0.02 | Jun 29, 2018 | An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check). | ||
| CVE-2018-13005 | Cri | 0.64 | 9.8 | 0.03 | Jun 29, 2018 | An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read. | ||
| CVE-2018-12917 | Cri | 0.64 | 9.8 | 0.01 | Jun 27, 2018 | In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c. | ||
| CVE-2018-12915 | Cri | 0.64 | 9.8 | 0.01 | Jun 27, 2018 | In libpbc.a in PBC through 2017-03-02, there is a buffer over-read in calc_hash in map.c. | ||
| CVE-2018-0310 | Cri | 0.64 | 9.8 | 0.04 | Jun 21, 2018 | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The… | ||
| CVE-2018-0304 | Cri | 0.64 | 9.8 | 0.09 | Jun 20, 2018 | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary code as root. The… | ||
| CVE-2018-10623 | Cri | 0.64 | 9.8 | 0.04 | Jun 18, 2018 | Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory… | ||
| CVE-2018-12503 | Cri | 0.64 | 9.8 | 0.02 | Jun 16, 2018 | tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h. | ||
| CVE-2017-7778 | Cri | 0.64 | 9.8 | 0.05 | Jun 11, 2018 | A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox < 54, Firefox ESR <… | ||
| CVE-2017-5465 | Cri | 0.64 | 9.1 | 0.19 | Jun 11, 2018 | An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9,… | ||
| CVE-2017-5446 | Cri | 0.64 | 9.8 | 0.03 | Jun 11, 2018 | An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | ||
| CVE-2018-12092 | Cri | 0.64 | 9.8 | 0.02 | Jun 11, 2018 | tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. | ||
| CVE-2018-12064 | Cri | 0.64 | 9.8 | 0.01 | Jun 8, 2018 | tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h. | ||
| CVE-2018-11576 | Cri | 0.64 | 9.8 | 0.01 | May 31, 2018 | ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. | ||
| CVE-2018-11547 | Cri | 0.64 | 9.8 | 0.02 | May 29, 2018 | md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination. | ||
| CVE-2018-11546 | Cri | 0.64 | 9.8 | 0.02 | May 29, 2018 | md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error. | ||
| CVE-2018-11419 | Cri | 0.64 | 9.8 | 0.02 | May 24, 2018 | An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c. | ||
| CVE-2018-11418 | Cri | 0.64 | 9.8 | 0.02 | May 24, 2018 | An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c. | ||
| CVE-2017-11307 | Cri | 0.64 | 9.8 | 0.06 | May 19, 2018 | Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the… |
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check).
- risk 0.64cvss 9.8epss 0.03
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.
- risk 0.64cvss 9.8epss 0.01
In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c.
- risk 0.64cvss 9.8epss 0.01
In libpbc.a in PBC through 2017-03-02, there is a buffer over-read in calc_hash in map.c.
- risk 0.64cvss 9.8epss 0.04
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The…
- risk 0.64cvss 9.8epss 0.09
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary code as root. The…
- risk 0.64cvss 9.8epss 0.04
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory…
- risk 0.64cvss 9.8epss 0.02
tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h.
- risk 0.64cvss 9.8epss 0.05
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox < 54, Firefox ESR <…
- risk 0.64cvss 9.1epss 0.19
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9,…
- risk 0.64cvss 9.8epss 0.03
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
- risk 0.64cvss 9.8epss 0.02
tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code.
- risk 0.64cvss 9.8epss 0.01
tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h.
- risk 0.64cvss 9.8epss 0.01
ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor.
- risk 0.64cvss 9.8epss 0.02
md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination.
- risk 0.64cvss 9.8epss 0.02
md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
- risk 0.64cvss 9.8epss 0.06
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the…