Vulnerabilities (CVE)

Filtered by CWE-125
Total 8737 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-11852 1 Sierrawireless 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more 2026-06-17 6.4 MEDIUM 3.7 LOW
An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. Sensitive information may be disclosed via the ACEviewservice, accessible by default on the LAN.
CVE-2019-11835 2 Davegamble, Oracle 2 Cjson, Timesten In-memory Database 2026-06-17 7.5 HIGH 9.8 CRITICAL
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
CVE-2019-11834 2 Davegamble, Oracle 2 Cjson, Timesten In-memory Database 2026-06-17 7.5 HIGH 9.8 CRITICAL
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
CVE-2019-11823 1 Synology 1 Router Manager 2026-06-17 5.0 MEDIUM 8.6 HIGH
CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
CVE-2019-11766 2 Debian, Dhcpcd Project 2 Debian Linux, Dhcpcd 2026-06-17 7.5 HIGH 9.8 CRITICAL
dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature.
CVE-2019-11719 1 Mozilla 2 Firefox, Thunderbird 2026-06-17 5.0 MEDIUM 7.5 HIGH
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2019-11638 1 Gnu 1 Recutils 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_field_name_equal_p at rec-field-name.c in librec.a, leading to a crash.
CVE-2019-11637 1 Gnu 1 Recutils 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_rset_get_props at rec-rset.c in librec.a, leading to a crash.
CVE-2019-11598 1 Imagemagick 1 Imagemagick 2026-06-17 5.8 MEDIUM 8.1 HIGH
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.
CVE-2019-11597 1 Imagemagick 1 Imagemagick 2026-06-17 5.8 MEDIUM 8.1 HIGH
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.
CVE-2019-11579 2 Debian, Dhcpcd Project 2 Debian Linux, Dhcpcd 2026-06-17 5.0 MEDIUM 5.3 MEDIUM
dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.
CVE-2019-11473 1 Graphicsmagick 1 Graphicsmagick 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
CVE-2019-11455 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2026-06-17 5.5 MEDIUM 8.1 HIGH
A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of service (application outage).
CVE-2019-11373 2 Fedoraproject, Mediaarea 2 Fedora, Mediainfo 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.
CVE-2019-11372 2 Fedoraproject, Mediaarea 2 Fedora, Mediainfo 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.
CVE-2019-11339 1 Ffmpeg 1 Ffmpeg 2026-06-17 6.8 MEDIUM 8.8 HIGH
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
CVE-2019-11181 1 Intel 85 Baseboard Management Controller Firmware, Bbs2600bpb, Bbs2600bpbr and 82 more 2026-06-17 7.2 HIGH 7.8 HIGH
Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network access.
CVE-2019-11172 1 Intel 85 Baseboard Management Controller Firmware, Bbs2600bpb, Bbs2600bpbr and 82 more 2026-06-17 5.0 MEDIUM 5.3 MEDIUM
Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access.
CVE-2019-11129 1 Intel 13 Compute Card Cd1c64gk, Compute Card Cd1iv128mk, Compute Card Cd1m3128mk and 10 more 2026-06-17 4.6 MEDIUM 6.7 MEDIUM
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
CVE-2019-11124 1 Intel 13 Compute Card Cd1c64gk, Compute Card Cd1iv128mk, Compute Card Cd1m3128mk and 10 more 2026-06-17 4.6 MEDIUM 6.7 MEDIUM
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.