VYPR

CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 3 of 124
  • CVE-2018-13008CriJun 29, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level.

  • CVE-2018-13007CriJun 29, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check).

  • CVE-2018-13005CriJun 29, 2018
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.

  • CVE-2018-12917CriJun 27, 2018
    risk 0.64cvss 9.8epss 0.01

    In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c.

  • CVE-2018-12915CriJun 27, 2018
    risk 0.64cvss 9.8epss 0.01

    In libpbc.a in PBC through 2017-03-02, there is a buffer over-read in calc_hash in map.c.

  • CVE-2018-0310CriJun 21, 2018
    risk 0.64cvss 9.8epss 0.04

    A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The…

  • CVE-2018-0304CriJun 20, 2018
    risk 0.64cvss 9.8epss 0.09

    A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary code as root. The…

  • CVE-2018-10623CriJun 18, 2018
    risk 0.64cvss 9.8epss 0.04

    Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory…

  • CVE-2018-12503CriJun 16, 2018
    risk 0.64cvss 9.8epss 0.02

    tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h.

  • CVE-2017-7778CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.05

    A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox < 54, Firefox ESR <…

  • CVE-2017-5465CriJun 11, 2018
    risk 0.64cvss 9.1epss 0.19

    An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9,…

  • CVE-2017-5446CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.03

    An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

  • CVE-2018-12092CriJun 11, 2018
    risk 0.64cvss 9.8epss 0.02

    tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code.

  • CVE-2018-12064CriJun 8, 2018
    risk 0.64cvss 9.8epss 0.01

    tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h.

  • CVE-2018-11576CriMay 31, 2018
    risk 0.64cvss 9.8epss 0.01

    ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor.

  • CVE-2018-11547CriMay 29, 2018
    risk 0.64cvss 9.8epss 0.02

    md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination.

  • CVE-2018-11546CriMay 29, 2018
    risk 0.64cvss 9.8epss 0.02

    md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error.

  • CVE-2018-11419CriMay 24, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c.

  • CVE-2018-11418CriMay 24, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c.

  • CVE-2017-11307CriMay 19, 2018
    risk 0.64cvss 9.8epss 0.06

    Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the…