CWE-125

Out-of-bounds Read

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product reads data past the end, or before the beginning, of the intended buffer.

8,947 vulnerabilities with CWE-125
CVE-2017-4899 MEDIUM
VMware Workstation Pro/Player <12.5.3 - Memory Corruption
CVSS 4.7
CVE-2017-9474 MEDIUM
ytnef 1.9.2 - Denial of Service via Heap-Based Buffer Over-Read in DecompressRTF
CVSS 5.5
CVE-2017-9472 MEDIUM
ytnef 1.9.2 - Denial of Service via Heap-Based Buffer Over-Read in SwapDWord
CVSS 5.5
CVE-2017-9471 MEDIUM
ytnef 1.9.2 - Denial of Service via Heap-Based Buffer Over-Read in SwapWord
CVSS 5.5
CVE-2017-9465 HIGH
YARA 3.6.1 - Out-of-bounds Read in yr_arena_write_data
CVSS 7.1
CVE-2017-9434 MEDIUM
Crypto++ < 5.6.4 - Out-of-bounds Read in Inflator Filter
CVSS 5.3
CVE-2017-9359 HIGH
Asterisk Open Source 13.x < 13.15.1 and 14.x < 14.4.1 - Denial of Service via Multi-Part Body Parser
CVSS 7.5
CVE-2017-9301 HIGH
VideoLAN VLC media player <2.2.4 - DoS
CVSS 7.8
CVE-2017-9265 CRITICAL
Open vSwitch <2.7.0 - Buffer Overflow
CVSS 9.8
CVE-2017-9264 CRITICAL
Open vSwitch <2.6.1 - Buffer Overflow
CVSS 9.8
CVE-2017-9227 CRITICAL
Oniguruma 6.2.0 - Memory Corruption
CVSS 9.8
CVE-2017-9224 CRITICAL
Oniguruma <6.2.0 - Memory Corruption
CVSS 9.8
CVE-2017-2801 MEDIUM
Botan 2.0.1 - Out-of-bounds Read in X509 Certificate Verification
CVSS 6.5
CVE-2017-8313 MEDIUM
VideoLAN VLC < 2.2.5 - Heap Out-of-Bounds Read in ParseJSS
CVSS 5.5
CVE-2017-8312 MEDIUM
VLC Media Player < 2.2.6 - Heap Out-of-Bounds Read in Subtitle Parser
CVSS 5.5
CVE-2017-8310 MEDIUM
VLC Media Player 2.2.x - Heap Out-of-bounds Read in Subtitle Parser
CVSS 5.5
CVE-2017-9207 MEDIUM
ImageWorsener 1.3.1 - Heap-Based Buffer Over-Read in iw_get_ui16be
CVSS 6.5
CVE-2017-9206 MEDIUM
ImageWorsener 1.3.1 - Denial of Service via Heap-Based Buffer Over-Read in iw_get_ui16le
CVSS 6.5
CVE-2017-9205 MEDIUM
ImageWorsener 1.3.1 - Denial of Service via Crafted JPEG Image
CVSS 6.5
CVE-2017-9204 MEDIUM
ImageWorsener 1.3.1 - Denial of Service via Crafted JPEG Image
CVSS 6.5
CVE-2017-9195 CRITICAL
AutoTrace 0.31.1 - Heap-Based Buffer Over-Read in ReadImage Function
CVSS 9.8
CVE-2017-9194 CRITICAL
AutoTrace <0.31.1 - Buffer Overflow
CVSS 9.8
CVE-2017-9193 CRITICAL
AutoTrace <0.31.1 - Buffer Overflow
CVSS 9.8
CVE-2017-9189 HIGH
AutoTrace 0.31.1 - Denial of Service via Invalid Read in GET_COLOR Function
CVSS 7.5
CVE-2017-9180 HIGH
AutoTrace 0.31.1 - Denial of Service via ReadImage Function in input-bmp.c
CVSS 7.5
Details
Vulnerabilities 8,947