CWE-125
Out-of-bounds Read
BaseDraft
Description
The product reads data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-540
CVEs mapped to this weakness (1,460)
page 72 of 73| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-3995 | 0.00 | — | 0.02 | Oct 10, 2012 | The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2012-5110 | 0.00 | — | 0.01 | Oct 9, 2012 | The compositor in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2012-5109 | 0.00 | — | 0.01 | Oct 9, 2012 | The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression. | ||
| CVE-2011-3066 | 0.00 | — | 0.01 | Apr 5, 2012 | Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3060 | 0.00 | — | 0.02 | Mar 30, 2012 | Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3059 | 0.00 | — | 0.02 | Mar 30, 2012 | Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3057 | 0.00 | — | 0.02 | Mar 22, 2012 | Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation. | ||
| CVE-2011-3040 | 0.00 | — | 0.03 | Mar 5, 2012 | Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | ||
| CVE-2011-3025 | 0.00 | — | 0.01 | Feb 16, 2012 | Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3970 | 0.00 | — | 0.00 | Feb 9, 2012 | libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3963 | 0.00 | — | 0.01 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3962 | 0.00 | — | 0.02 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly perform path clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3960 | 0.00 | — | 0.02 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3916 | 0.00 | — | 0.01 | Dec 13, 2011 | Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3911 | 0.00 | — | 0.01 | Dec 13, 2011 | Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3910 | 0.00 | — | 0.01 | Dec 13, 2011 | Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3908 | 0.00 | — | 0.02 | Dec 13, 2011 | Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3906 | 0.00 | — | 0.01 | Dec 13, 2011 | The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3905 | 0.00 | — | 0.01 | Dec 13, 2011 | libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3893 | 0.00 | — | 0.02 | Nov 11, 2011 | Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |