CWE-125

Out-of-bounds Read

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product reads data past the end, or before the beginning, of the intended buffer.

8,947 vulnerabilities with CWE-125
CVE-2017-9985 HIGH
Linux Kernel < 3.18.71 - Out-of-bounds Read in snd_msndmidi_input_read
CVSS 7.8
CVE-2017-9984 HIGH
Linux Kernel < 3.18.71 - Out-of-bounds Read in snd_msnd_interrupt
CVSS 7.8
CVE-2017-7520 HIGH
OpenVPN < 2.4.3 and < 2.3.17 - Denial of Service and Memory Leak via Man-in-the-Middle Attack
CVSS 7.4
CVE-2017-9223 MEDIUM
Freeware Advanced Audio Decoder 2 <2.7 - DoS
CVSS 5.5
CVE-2017-9221 MEDIUM
Freeware Advanced Audio Decoder 2 <2.7 - DoS
CVSS 5.5
CVE-2017-9218 MEDIUM
Freeware Advanced Audio Decoder 2 <2.7 - DoS
CVSS 5.5
CVE-2017-9955 MEDIUM
GNU Binutils 2.28 - Denial of Service via Crafted File in get_build_id Function
CVSS 5.5
CVE-2017-9954 MEDIUM
GNU Binutils 2.28 - Denial of Service via Crafted Tekhex File
CVSS 5.5
CVE-2017-9935 HIGH
LibTIFF < 4.0.8 - Heap-Based Buffer Overflow in t2p_write_pdf
CVSS 8.8
CVE-2017-9870 MEDIUM
LAME 3.99.5 - Denial of Service via Crafted Audio File in III_i_stereo Function
CVSS 5.5
CVE-2017-9869 MEDIUM
LAME 3.99.5 - Denial of Service via Crafted Audio File
CVSS 5.5
CVE-2017-9865 MEDIUM
Poppler 0.54.0 - Denial of Service via GfxImageColorMap::getGray
CVSS 5.5
CVE-2017-9847 MEDIUM
libtorrent 1.1.3 - Denial of Service via Crafted File in bdecode Function
CVSS 5.5
CVE-2017-9782 MEDIUM
JasPer 2.0.12 - Denial of Service via Heap-Based Buffer Over-Read in jp2_decode
CVSS 5.5
CVE-2017-9130 MEDIUM
Freeware Advanced Audio Coder (FAAC) 1.28 - DoS
CVSS 5.5
CVE-2017-7668 HIGH
Apache HTTP Server 2.2.32-2.4.24 - Out-of-bounds Read via Token List Parsing
CVSS 7.5
CVE-2017-9728 CRITICAL
uClibc 0.9.33.2 - Out-of-bounds Read in get_subexp Function
CVSS 9.8
CVE-2017-8240 HIGH
Android - Out-of-bounds Read in Kernel Driver
CVSS 7.8
CVE-2017-8234 HIGH
Android - Out-of-bounds Read in Camera Function
CVSS 7.8
CVE-2017-7365 HIGH
Android - Out-of-bounds Read via Non-NULL-Terminated String
CVSS 7.8
CVE-2017-9128 MEDIUM
libquicktime 1.2.4 - Denial of Service via Crafted MP4 File
CVSS 6.5
CVE-2017-9125 MEDIUM
libquicktime - Denial of Service via Heap-Based Buffer Over-Read in lqt_frame_duration
CVSS 6.5
CVE-2017-9123 MEDIUM
libquicktime 1.2.4 - Denial of Service via Crafted MP4 File
CVSS 6.5
CVE-2017-4912 HIGH
VMware Workstation 12.x < 12.5.3 and Horizon View Client 4.x < 4.4.0 - Out-of-bounds Read in TTF Parser
CVSS 7.8
CVE-2017-4910 HIGH
VMware Workstation <12.5.3 - Memory Corruption
CVSS 7.8
Details
Vulnerabilities 8,947