CWE-125
Out-of-bounds Read
Description
The product reads data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-540
CVEs mapped to this weakness (1,743)
page 87 of 88| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-3906 | 0.00 | — | 0.01 | Dec 13, 2011 | The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-3905 | 0.00 | — | 0.01 | Dec 13, 2011 | libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-3893 | 0.00 | — | 0.01 | Nov 11, 2011 | Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-3234 | 0.00 | — | 0.03 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-2864 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-2858 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-2851 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-2850 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-2844 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-2843 | 0.00 | — | 0.01 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-2803 | 0.00 | — | 0.01 | Aug 3, 2011 | Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-2794 | 0.00 | — | 0.01 | Aug 3, 2011 | Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-2345 | 0.00 | — | 0.01 | Jun 29, 2011 | The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-1455 | 0.00 | — | 0.01 | May 3, 2011 | Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | |||
| CVE-2011-1445 | 0.00 | — | 0.01 | May 3, 2011 | Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-1192 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-1122 | 0.00 | — | 0.02 | Mar 1, 2011 | The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960. | |||
| CVE-2011-1120 | 0.00 | — | 0.02 | Mar 1, 2011 | The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717. | |||
| CVE-2011-1113 | 0.00 | — | 0.02 | Mar 1, 2011 | Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-0984 | 0.00 | — | 0.02 | Feb 10, 2011 | Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
- CVE-2011-3906Dec 13, 2011risk 0.00cvss —epss 0.01
The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3905Dec 13, 2011risk 0.00cvss —epss 0.01
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3893Nov 11, 2011risk 0.00cvss —epss 0.01
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3234Sep 19, 2011risk 0.00cvss —epss 0.03
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-2864Sep 19, 2011risk 0.00cvss —epss 0.01
Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-2858Sep 19, 2011risk 0.00cvss —epss 0.01
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-2851Sep 19, 2011risk 0.00cvss —epss 0.01
Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-2850Sep 19, 2011risk 0.00cvss —epss 0.01
Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-2844Sep 19, 2011risk 0.00cvss —epss 0.01
Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-2843Sep 19, 2011risk 0.00cvss —epss 0.01
Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-2803Aug 3, 2011risk 0.00cvss —epss 0.01
Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-2794Aug 3, 2011risk 0.00cvss —epss 0.01
Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-2345Jun 29, 2011risk 0.00cvss —epss 0.01
The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-1455May 3, 2011risk 0.00cvss —epss 0.01
Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
- CVE-2011-1445May 3, 2011risk 0.00cvss —epss 0.01
Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-1192Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-1122Mar 1, 2011risk 0.00cvss —epss 0.02
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960.
- CVE-2011-1120Mar 1, 2011risk 0.00cvss —epss 0.02
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717.
- CVE-2011-1113Mar 1, 2011risk 0.00cvss —epss 0.02
Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-0984Feb 10, 2011risk 0.00cvss —epss 0.02
Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.