CWE-125
Out-of-bounds Read
BaseDraft
Description
The product reads data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-540
CVEs mapped to this weakness (1,460)
page 73 of 73| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-3234 | 0.00 | — | 0.03 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-2864 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-2858 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-2851 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-2850 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-2844 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-2843 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-2803 | 0.00 | — | 0.01 | Aug 3, 2011 | Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-2794 | 0.00 | — | 0.01 | Aug 3, 2011 | Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-2345 | 0.00 | — | 0.01 | Jun 29, 2011 | The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-1455 | 0.00 | — | 0.01 | May 3, 2011 | Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | ||
| CVE-2011-1445 | 0.00 | — | 0.01 | May 3, 2011 | Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-1192 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-1122 | 0.00 | — | 0.02 | Mar 1, 2011 | The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960. | ||
| CVE-2011-1120 | 0.00 | — | 0.02 | Mar 1, 2011 | The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717. | ||
| CVE-2011-1113 | 0.00 | — | 0.02 | Mar 1, 2011 | Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-0984 | 0.00 | — | 0.02 | Feb 10, 2011 | Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2004-0112 | 0.00 | — | 0.01 | Nov 23, 2004 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | ||
| CVE-2004-0421 | 0.00 | — | 0.03 | Aug 18, 2004 | The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. | ||
| CVE-2004-0221 | 0.00 | — | 0.02 | May 4, 2004 | isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite. |