CWE-125

Out-of-bounds Read

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product reads data past the end, or before the beginning, of the intended buffer.

8,947 vulnerabilities with CWE-125
CVE-2017-8872 CRITICAL
libxml2 2.9.4 - Out-of-bounds Read in htmlParseTryOrFinish
CVSS 9.1
CVE-2017-8845 MEDIUM
long_range_zip - Out-of-bounds Read in lzo1x_decompress
CVSS 5.5
CVE-2017-8831 MEDIUM
Linux Kernel < 4.11.5 - Out-of-bounds Read via saa7164_bus_get Double Fetch
CVSS 6.4
CVE-2017-8787 HIGH
PoDoFo 0.9.5 - Out-of-bounds Read in PdfXRefStreamParserObject
CVSS 8.8
CVE-2017-3731 HIGH
OpenSSL <1.1.0/1.0.2 - Use After Free
CVSS 7.5
CVE-2017-8455 HIGH
Foxit Reader < 8.2.1 and PhantomPDF < 8.2.1 - Out-of-bounds Read via Crafted PDF Font
CVSS 7.8
CVE-2017-8454 HIGH
Foxit Reader < 8.2.1 and PhantomPDF < 8.2.1 - Out-of-bounds Read via Crafted Font in PDF
CVSS 8.8
CVE-2017-8453 HIGH
Foxit Reader < 8.2.1 and PhantomPDF < 8.2.1 - Out-of-bounds Read via Crafted PDF Font
CVSS 8.8
CVE-2017-7483 HIGH
rxvt 2.7.10 - Denial of Service via Terminal Escape Code Integer Overflow
CVSS 7.5
CVE-2017-8401 MEDIUM
swftools < 0.9.2 - Out-of-bounds Read in png_load()
CVSS 6.5
CVE-2017-8393 HIGH
GNU Binutils 2.28 - Out-of-bounds Read in BFD Library
CVSS 7.5
CVE-2017-8374 MEDIUM
Underbit MAD libmad 0.15.1b - Denial of Service via Heap-Based Buffer Over-Read in mad_bit_skip
CVSS 5.5
CVE-2017-8365 MEDIUM
libsndfile 1.0.28 - Denial of Service via i2les_array Buffer Over-Read
CVSS 6.5
CVE-2017-8363 MEDIUM
libsndfile 1.0.28 - Denial of Service via Heap-Based Buffer Over-Read in flac_buffer_copy
CVSS 6.5
CVE-2017-8362 MEDIUM
libsndfile 1.0.28 - Denial of Service via Invalid Read in flac_buffer_copy
CVSS 6.5
CVE-2017-8294 HIGH
YARA 3.5.0 - Denial of Service via Crafted Regex Rule in yr_re_exec
CVSS 7.5
CVE-2017-5030 HIGH KEV
Google Chrome <57.0.2987.98-57.0.2987.108 - RCE
CVSS 8.8
CVE-2017-6615 MEDIUM
Cisco IOS XE 3.16 - Authenticated Denial of Service via SNMP Read Request Race Condition
CVSS 6.3
CVE-2017-2806 MEDIUM
Lexmark Perceptive Document Filters 11.3.0.2228 and 11.3.0.2400 - Out-of-bounds Read in XLS Parser
CVSS 4.3
CVE-2017-7718 MEDIUM
QEMU < 2.8.1.1 - Denial of Service via cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ Functions
CVSS 5.5
CVE-2017-7960 MEDIUM
libcroco 0.6.11-0.6.12 - Denial of Service via Heap-Based Buffer Over-Read in cr_input_new_from_uri
CVSS 5.5
CVE-2017-7939 MEDIUM
ImageWorsener 1.3.0 - Denial of Service via Stack-Based Buffer Over-Read in read_next_pam_token
CVSS 5.5
CVE-2017-7854 MEDIUM
radare2 - Denial of Service via Crafted Web Assembly File
CVSS 5.5
CVE-2017-7716 MEDIUM
radare2 1.3.0 - Denial of Service via Crafted Web Assembly File
CVSS 5.5
CVE-2017-3060 CRITICAL
Adobe Flash Player <= 25.0.0.127 - Memory Corruption in ActionScript2 Parser
CVSS 9.8
Details
Vulnerabilities 8,947