CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
8,947 vulnerabilities with CWE-125
CVE-2017-8872
CRITICAL
libxml2 2.9.4 - Out-of-bounds Read in htmlParseTryOrFinish
CVSS 9.1
CVE-2017-8845
MEDIUM
long_range_zip - Out-of-bounds Read in lzo1x_decompress
CVSS 5.5
CVE-2017-8831
MEDIUM
Linux Kernel < 4.11.5 - Out-of-bounds Read via saa7164_bus_get Double Fetch
CVSS 6.4
CVE-2017-8787
HIGH
PoDoFo 0.9.5 - Out-of-bounds Read in PdfXRefStreamParserObject
CVSS 8.8
CVE-2017-3731
HIGH
OpenSSL <1.1.0/1.0.2 - Use After Free
CVSS 7.5
CVE-2017-8455
HIGH
Foxit Reader < 8.2.1 and PhantomPDF < 8.2.1 - Out-of-bounds Read via Crafted PDF Font
CVSS 7.8
CVE-2017-8454
HIGH
Foxit Reader < 8.2.1 and PhantomPDF < 8.2.1 - Out-of-bounds Read via Crafted Font in PDF
CVSS 8.8
CVE-2017-8453
HIGH
Foxit Reader < 8.2.1 and PhantomPDF < 8.2.1 - Out-of-bounds Read via Crafted PDF Font
CVSS 8.8
CVE-2017-7483
HIGH
rxvt 2.7.10 - Denial of Service via Terminal Escape Code Integer Overflow
CVSS 7.5
CVE-2017-8401
MEDIUM
swftools < 0.9.2 - Out-of-bounds Read in png_load()
CVSS 6.5
CVE-2017-8393
HIGH
GNU Binutils 2.28 - Out-of-bounds Read in BFD Library
CVSS 7.5
CVE-2017-8374
MEDIUM
Underbit MAD libmad 0.15.1b - Denial of Service via Heap-Based Buffer Over-Read in mad_bit_skip
CVSS 5.5
CVE-2017-8365
MEDIUM
libsndfile 1.0.28 - Denial of Service via i2les_array Buffer Over-Read
CVSS 6.5
CVE-2017-8363
MEDIUM
libsndfile 1.0.28 - Denial of Service via Heap-Based Buffer Over-Read in flac_buffer_copy
CVSS 6.5
CVE-2017-8362
MEDIUM
libsndfile 1.0.28 - Denial of Service via Invalid Read in flac_buffer_copy
CVSS 6.5
CVE-2017-8294
HIGH
YARA 3.5.0 - Denial of Service via Crafted Regex Rule in yr_re_exec
CVSS 7.5
CVE-2017-5030
HIGH
KEV
Google Chrome <57.0.2987.98-57.0.2987.108 - RCE
CVSS 8.8
CVE-2017-6615
MEDIUM
Cisco IOS XE 3.16 - Authenticated Denial of Service via SNMP Read Request Race Condition
CVSS 6.3
CVE-2017-2806
MEDIUM
Lexmark Perceptive Document Filters 11.3.0.2228 and 11.3.0.2400 - Out-of-bounds Read in XLS Parser
CVSS 4.3
CVE-2017-7718
MEDIUM
QEMU < 2.8.1.1 - Denial of Service via cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ Functions
CVSS 5.5
CVE-2017-7960
MEDIUM
libcroco 0.6.11-0.6.12 - Denial of Service via Heap-Based Buffer Over-Read in cr_input_new_from_uri
CVSS 5.5
CVE-2017-7939
MEDIUM
ImageWorsener 1.3.0 - Denial of Service via Stack-Based Buffer Over-Read in read_next_pam_token
CVSS 5.5
CVE-2017-7854
MEDIUM
radare2 - Denial of Service via Crafted Web Assembly File
CVSS 5.5
CVE-2017-7716
MEDIUM
radare2 1.3.0 - Denial of Service via Crafted Web Assembly File
CVSS 5.5
CVE-2017-3060
CRITICAL
Adobe Flash Player <= 25.0.0.127 - Memory Corruption in ActionScript2 Parser
CVSS 9.8
Details
Vulnerabilities
8,947