CWE-125
Out-of-bounds Read
BaseDraft
Description
The product reads data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-540
CVEs mapped to this weakness (1,460)
page 6 of 73| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-12987 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). | |
| CVE-2017-12986 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). | |
| CVE-2017-12985 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). | |
| CVE-2017-12902 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. | |
| CVE-2017-12901 | Cri | 0.64 | 9.8 | 0.01 | Sep 14, 2017 | The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print(). | |
| CVE-2017-12900 | Cri | 0.64 | 9.8 | 0.01 | Sep 14, 2017 | Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf(). | |
| CVE-2017-12899 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). | |
| CVE-2017-12898 | Cri | 0.64 | 9.8 | 0.01 | Sep 14, 2017 | The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). | |
| CVE-2017-12897 | Cri | 0.64 | 9.8 | 0.01 | Sep 14, 2017 | The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print(). | |
| CVE-2017-12896 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). | |
| CVE-2017-12895 | Cri | 0.64 | 9.8 | 0.01 | Sep 14, 2017 | The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). | |
| CVE-2017-12894 | Cri | 0.64 | 9.8 | 0.01 | Sep 14, 2017 | Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). | |
| CVE-2017-12893 | Cri | 0.64 | 9.8 | 0.01 | Sep 14, 2017 | The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). | |
| CVE-2017-13139 | Cri | 0.64 | 9.8 | 0.01 | Aug 23, 2017 | In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk. | |
| CVE-2015-9050 | Cri | 0.64 | 9.8 | 0.00 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists where an array out of bounds access can occur during a CA call. | |
| CVE-2017-12941 | Cri | 0.64 | 9.8 | 0.00 | Aug 18, 2017 | libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. | |
| CVE-2017-12940 | Cri | 0.64 | 9.8 | 0.00 | Aug 18, 2017 | libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. | |
| CVE-2017-11542 | Cri | 0.64 | 9.8 | 0.01 | Jul 23, 2017 | tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. | |
| CVE-2017-11541 | Cri | 0.64 | 9.8 | 0.01 | Jul 23, 2017 | tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. | |
| CVE-2017-11465 | Cri | 0.64 | 9.8 | 0.00 | Jul 19, 2017 | The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as a bypass of a $SAFE protection mechanism. |