CWE-125

Out-of-bounds Read

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product reads data past the end, or before the beginning, of the intended buffer.

8,951 vulnerabilities with CWE-125
CVE-2011-2843
Google Chrome < 14.0.835.163 - Denial of Service via Media Buffer Out-of-bounds Read
CVE-2011-2803
Google Chrome < 13.0.782.107 - Denial of Service via Skia Path Handling
CVE-2011-2794
Google Chrome < 13.0.782.107 - Denial of Service via Text Iteration Out-of-bounds Read
CVE-2011-2501 MEDIUM
libpng 1.0.0-1.0.54, 1.2.0-1.2.44, 1.4.0-1.4.7, 1.5.0-1.5.3 - Denial of Service via Crafted PNG Image
CVSS 6.5
CVE-2011-2345
Google Chrome < 12.0.742.112 - Denial of Service via NPAPI String Handling
CVE-2011-1455
Google Chrome < 11.0.696.57 - Denial of Service via PDF Multipart Encoding
CVE-2011-1445
Google Chrome < 11.0.696.57 - Denial of Service via SVG Document Handling
CVE-2011-1192
Google Chrome < 10.0.648.127 - Denial of Service via Unicode Range Handling
CVE-2011-1122
Google Chrome < 9.0.597.107 - Denial of Service via WebGL Out-of-bounds Read
CVE-2011-1120
Google Chrome < 9.0.597.107 - Denial of Service via WebGL Out-of-bounds Read
CVE-2011-1113
Google Chrome < 9.0.597.107 - Denial of Service via Pickle Deserialization
CVE-2011-0984
Google Chrome < 9.0.597.94 - Denial of Service via Plug-in Out-of-bounds Read
CVE-2010-4577 HIGH
Google Chrome < 8.0.552.224 - Out-of-bounds Read in CSS Font Face Parser
CVSS 7.5
CVE-2009-2523
Microsoft Windows 2000 SP4 - Remote Code Execution via LlsrLicenseRequestW RPC Message
CVE-2007-3847
Apache HTTP Server 2.0.35-2.0.60 - Denial of Service via Crafted Date Headers in mod_proxy
CVE-2006-6016 MEDIUM
WordPress < 2.0.4 - Authenticated Out-of-bounds Read via user_id Parameter
CVSS 6.5
CVE-2006-5393 MEDIUM
Cisco Secure Desktop - Unauthenticated Out-of-bounds Read
CVSS 5.5
CVE-2004-1940
KPhone < 4.0.1 - Denial of Service via STUN Response Packet with Large attrLen Value
CVE-2004-0112
Avaya Vsu - Out-of-Bounds Read
CVE-2004-0421
libpng <= 1.0.15 - Denial of Service via Malformed PNG Image Error Handling
CVE-2004-0183
tcpdump < 3.8.1 - Denial of Service via ISAKMP Delete Payload with Large SPI Count
CVE-2004-0184
tcpdump < 3.8.1 - Denial of Service via ISAKMP Identification Payload Length Underflow
CVE-2004-0221
OpenBSD < 3.4 - Denial of Service via ISAKMP Delete Payload with Large SPI Count
CVE-1999-0006 CRITICAL
Qualcomm qpopper - Buffer Overflow via Long PASS Command
CVSS 9.8
CVE-1999-0029 HIGH
SGI IRIX - Buffer Overflow in ordist Command
CVSS 8.4
Details
Vulnerabilities 8,951