CWE-125

Out-of-bounds Read

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product reads data past the end, or before the beginning, of the intended buffer.

8,947 vulnerabilities with CWE-125
CVE-2017-11540 MEDIUM
ImageMagick 7.0.6-1 - Buffer Overflow
CVSS 6.5
CVE-2017-11535 MEDIUM
ImageMagick 7.0.6-1 - Buffer Overflow
CVSS 6.5
CVE-2017-11533 MEDIUM
ImageMagick 7.0.6-1 - Buffer Overflow
CVSS 6.5
CVE-2017-7036 MEDIUM
macOS < 10.12.6 - Out-of-bounds Read in Intel Graphics Driver
CVSS 5.5
CVE-2017-7013 HIGH
Apple iCloud < 6.2.2 - Out-of-bounds Read in libxml2 via Crafted XML File
CVSS 7.8
CVE-2017-7010 HIGH
Apple libxml2 - Info Disclosure/DoS
CVSS 7.8
CVE-2017-11465 CRITICAL
Ruby 2.4.1 - Out-of-bounds Read in UTF-8 Parser
CVSS 9.8
CVE-2017-11423 MEDIUM
libmspack 0.5alpha - Denial of Service via Crafted CAB File
CVSS 5.5
CVE-2017-11399 HIGH
FFmpeg 2.4-3.3.2 - Out-of-bounds Read via Crafted APE File
CVSS 7.8
CVE-2017-10987 HIGH
FreeRADIUS 3.x - Denial of Service via DHCP Suboption Decoding
CVSS 7.5
CVE-2017-10982 HIGH
FreeRADIUS 2.x < 2.2.10 - Denial of Service via DHCP Option Decoding Buffer Over-Read
CVSS 7.5
CVE-2017-11367 HIGH
shoco < 2017-07-17 - Denial of Service via Malformed Compressed Data
CVSS 7.5
CVE-2017-9814 HIGH
cairo < 1.15.6 - Denial of Service via Out-of-bounds Read in cairo-truetype-subset.c
CVSS 7.5
CVE-2017-11341 HIGH
libsass 3.4.5 - Heap-Based Buffer Over-Read in Lexer
CVSS 7.5
CVE-2017-11336 MEDIUM
Exiv2 - Heap-Based Buffer Over-Read in Image::printIFDStructure
CVSS 6.5
CVE-2017-11147 CRITICAL
PHP < 5.6.30 and 7.x < 7.0.15 - Out-of-bounds Read in PHAR Archive Handler
CVSS 9.1
CVE-2017-11126 MEDIUM
mpg123 < 1.25.1 - Denial of Service via Crafted Audio File in III_i_stereo Function
CVSS 5.5
CVE-2017-11108 HIGH
tcpdump 4.9.0 - Denial of Service via Crafted Spanning Tree Protocol Packet
CVSS 7.5
CVE-2017-10995 MEDIUM
ImageMagick 7.0.6-0 - Denial of Service via Heap-Based Buffer Over-Read in MNG Image Handling
CVSS 5.5
CVE-2017-10989 CRITICAL
SQLite < 3.19.3 - Heap-Based Buffer Over-Read in RTree Blob Handling
CVSS 9.8
CVE-2017-10976 HIGH
SWFTools 0.9.2 - Heap-Based Buffer Over-Read in ttftool readBlock Function
CVSS 7.5
CVE-2017-10928 HIGH
ImageMagick 7.0.6-0 - Heap-Based Buffer Over-Read via SVG Document
CVSS 8.8
CVE-2017-10687 HIGH
LibSass 3.4.5 - Denial of Service via Heap-Based Buffer Over-Read in json_mkstream
CVSS 7.5
CVE-2017-10683 HIGH
mpg123 1.25.0 - Heap-Based Buffer Over-Read in convert_latin1
CVSS 7.5
CVE-2017-9986 HIGH
Linux Kernel < 4.11.7 - Denial of Service via Double Fetch in MSND Pinnacle Sound Driver
CVSS 7.8
Details
Vulnerabilities 8,947