Vulnerabilities (CVE)

Filtered by CWE-125
Total 7060 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-13012 1 Tcpdump 1 Tcpdump 2025-04-20 7.5 HIGH 9.8 CRITICAL
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
CVE-2016-2518 7 Debian, Freebsd, Netapp and 4 more 18 Debian Linux, Freebsd, Clustered Data Ontap and 15 more 2025-04-20 5.0 MEDIUM 5.3 MEDIUM
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
CVE-2017-13031 1 Tcpdump 1 Tcpdump 2025-04-20 7.5 HIGH 9.8 CRITICAL
The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().
CVE-2017-5849 2 Fedoraproject, Netpbm Project 2 Fedora, Netpbm 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and height values.
CVE-2016-7563 1 Artifex 1 Mujs 2025-04-20 5.0 MEDIUM 7.5 HIGH
The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input.
CVE-2017-14820 1 Foxitsoftware 1 Foxit Reader 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the tile index of the SOT marker in JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5012.
CVE-2017-13035 1 Tcpdump 1 Tcpdump 2025-04-20 7.5 HIGH 9.8 CRITICAL
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
CVE-2017-11054 1 Google 1 Android 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur.
CVE-2017-16406 1 Adobe 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more 2025-04-20 9.3 HIGH 8.8 HIGH
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a type confusion vulnerability in the EMF processing module. The issue causes the program to access an object using an incompatible type, leading to an out of bounds memory access. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, writes, or frees -- potentially leading to code corruption, control-flow hijack, or information leak attack.
CVE-2017-9224 2 Oniguruma Project, Php 2 Oniguruma, Php 2025-04-20 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer.
CVE-2016-5010 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
CVE-2017-11334 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 2.1 LOW 4.4 MEDIUM
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.
CVE-2016-7393 1 Libav 1 Libav 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2017-11002 1 Google 1 Android 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur.
CVE-2017-6851 1 Jasper Project 1 Jasper 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service (invalid read) via a crafted image.
CVE-2016-5032 1 Libdwarf Project 1 Libdwarf 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The dwarf_get_xu_hash_entry function in libdwarf before 20160923 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVE-2017-11055 1 Google 1 Android 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION cfg80211 vendor command, a buffer over-read can occur.
CVE-2017-12451 1 Gnu 1 Binutils 2025-04-20 6.8 MEDIUM 7.8 HIGH
The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file.
CVE-2017-13139 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 7.5 HIGH 9.8 CRITICAL
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVE-2017-16589 1 Foxitsoftware 1 Foxit Reader 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the yTsiz member of SIZ markers. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-4977.