CWE-125

Out-of-bounds Read

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product reads data past the end, or before the beginning, of the intended buffer.

8,950 vulnerabilities with CWE-125
CVE-2016-10029 MEDIUM
QEMU < 2.6.2 - Denial of Service via Virtio GPU Scanout ID Out-of-Bounds Read
CVSS 5.5
CVE-2016-10028 MEDIUM
QEMU < 2.8.1.1 - Denial of Service via VIRTIO_GPU_CMD_GET_CAPSET Capabilities Size
CVSS 5.5
CVE-2016-4493 MEDIUM
GNU libiberty - Out-of-bounds Read in cplus-dem.c
CVSS 5.5
CVE-2016-7643 HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Out-of-bounds Read in ImageIO
CVSS 8.1
CVE-2016-4682 HIGH
macOS < 10.12.1 - Out-of-bounds Read in ImageIO via Crafted SGI File
CVSS 7.1
CVE-2016-7510 MEDIUM
libdwarf < 2016-09-23 - Denial of Service via Crafted Input in Line Table Reader
CVSS 6.5
CVE-2016-5043 HIGH
libdwarf < 2016-09-23 - Denial of Service via Crafted DWARF Section
CVSS 7.5
CVE-2016-5040 HIGH
libdwarf < 2016-09-23 - Denial of Service via Large Length Value in Compilation Unit Header
CVSS 7.5
CVE-2016-5039 HIGH
libdwarf < 2016-09-23 - Denial of Service via Crafted Object with All-Bits On
CVSS 7.5
CVE-2016-5038 HIGH
libdwarf < 2016-09-23 - Denial of Service via Crafted String Offset in .debug_str
CVSS 7.5
CVE-2016-5036 HIGH
libdwarf < 2016-09-23 - Denial of Service via Crafted Frame Data
CVSS 7.5
CVE-2016-5035 MEDIUM
libdwarf < 2016-09-23 - Out-of-bounds Read in _dwarf_read_line_table_header
CVSS 6.5
CVE-2016-5033 MEDIUM
libdwarf < 2016-09-23 - Denial of Service via Crafted File
CVSS 6.5
CVE-2016-5032 MEDIUM
libdwarf < 2016-09-23 - Denial of Service via Crafted File
CVSS 6.5
CVE-2016-5031 MEDIUM
libdwarf < 2016-09-23 - Denial of Service via Crafted File in print_frame_inst_bytes
CVSS 5.5
CVE-2016-9773 MEDIUM
ImageMagick 7.0.3.8 - Heap-Based Buffer Overflow in IsPixelGray Function
CVSS 5.5
CVE-2016-1249 MEDIUM
DBD::mysql < 4.038_01 - Denial of Service via Unaligned Placeholders in Prepared Statements
CVSS 5.9
CVE-2016-8681 MEDIUM
libdwarf < 2016-10-01 - Denial of Service via Crafted File in _dwarf_get_abbrev_for_code
CVSS 5.5
CVE-2016-8680 MEDIUM
libdwarf < 2016-10-01 - Denial of Service via Crafted File in _dwarf_get_abbrev_for_code
CVSS 6.5
CVE-2016-8679 MEDIUM
libdwarf < 2016-11-24 - Denial of Service via Crafted File in _dwarf_get_size_of_val
CVSS 6.5
CVE-2016-8678 MEDIUM
ImageMagick 7.0.3.0 - Denial of Service via IsPixelMonochrome Out-of-bounds Read
CVSS 5.5
CVE-2016-7393 MEDIUM
libav < 11.4 - Stack-based Buffer Overflow in aac_sync
CVSS 5.5
CVE-2016-8689 HIGH
libarchive 3.2.1 - Denial of Service via Multiple EmptyStream Attributes in 7zip Archive
CVSS 7.5
CVE-2016-8688 MEDIUM
libarchive 3.2.1 - Out-of-bounds Read in mtree bidder
CVSS 5.5
CVE-2016-8682 HIGH
GraphicsMagick 1.3.25 - Denial of Service via Crafted SCT Header
CVSS 7.5
Details
Vulnerabilities 8,950