CWE-125

Out-of-bounds Read

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product reads data past the end, or before the beginning, of the intended buffer.

8,947 vulnerabilities with CWE-125
CVE-2017-9179 HIGH
AutoTrace 0.31.1 - Denial of Service via ReadImage Function in input-bmp.c
CVSS 7.5
CVE-2017-9177 HIGH
AutoTrace 0.31.1 - Denial of Service via ReadImage Function in input-bmp.c
CVSS 7.5
CVE-2017-9174 HIGH
AutoTrace 0.31.1 - Denial of Service via GET_COLOR Function
CVSS 7.5
CVE-2017-9171 CRITICAL
AutoTrace <0.31.1 - Buffer Overflow
CVSS 9.8
CVE-2017-9166 CRITICAL
AutoTrace <0.31.1 - Buffer Overflow
CVSS 9.8
CVE-2017-9165 CRITICAL
AutoTrace 0.31.1 - Heap-Based Buffer Over-Read in GET_COLOR Function
CVSS 9.8
CVE-2017-9164 CRITICAL
AutoTrace <0.31.1 - Buffer Overflow
CVSS 9.8
CVE-2017-9155 HIGH
AutoTrace 0.31.1 - Denial of Service via input_pnm_reader Function
CVSS 7.5
CVE-2017-9154 HIGH
AutoTrace 0.31.1 - Denial of Service via GET_COLOR Function Out-of-Bounds Read
CVSS 7.5
CVE-2017-9152 CRITICAL
AutoTrace <0.31.1 - Buffer Overflow
CVSS 9.8
CVE-2017-9147 MEDIUM
LibTIFF 4.0.7 - Out-of-bounds Read in _TIFFVGetField
CVSS 6.5
CVE-2017-9117 MEDIUM
LibTIFF 4.0.6 - Heap-Based Buffer Over-Read via BMP Image Processing
CVSS 4.0
CVE-2017-9074 HIGH
Linux Kernel < 3.2.89 - Out-of-bounds Read in IPv6 Fragmentation Handling
CVSS 7.8
CVE-2017-9058 CRITICAL
ytnef < 1.9.2 - Heap-Based Buffer Over-Read in SIZECHECK Macro
CVSS 9.8
CVE-2017-9055 CRITICAL
libdwarf <2017-03-21 - Buffer Overflow
CVSS 9.8
CVE-2017-9054 CRITICAL
libdwarf <2017-03-21 - Memory Corruption
CVSS 9.8
CVE-2017-9053 CRITICAL
libdwarf <2017-03-21 - Buffer Overflow
CVSS 9.1
CVE-2017-9052 CRITICAL
libdwarf 2017-03-21 - Buffer Overflow
CVSS 9.8
CVE-2017-9050 HIGH
libxml2 20904-GITv2.9.4-16-g0741801 - Buffer Overflow
CVSS 7.5
CVE-2017-9049 HIGH
libxml2 20904-GITv2.9.4-16-g0741801 - Heap-Based Buffer Over-Read in xmlDictComputeFastKey
CVSS 7.5
CVE-2017-9044 MEDIUM
GNU Binutils - Denial of Service via Crafted ELF File
CVSS 5.5
CVE-2017-9041 MEDIUM
GNU Binutils 2.28 - Denial of Service via Crafted ELF File in readelf.c
CVSS 5.5
CVE-2017-9038 MEDIUM
GNU Binutils 2.28 - Denial of Service via Crafted ELF File
CVSS 5.5
CVE-2017-6658 HIGH
Cisco Sourcefire Snort 3.0 < build 233 - Out-of-bounds Read via Ethernet Frame Decoder
CVSS 7.5
CVE-2017-8908 MEDIUM
Artifex Ghostscript - Denial of Service via Out-of-bounds Read in mark_line_tr Function
CVSS 5.5
Details
Vulnerabilities 8,947