Vulnerabilities (CVE)

Filtered by CWE-125
Total 8724 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-17461 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2026-06-17 6.8 MEDIUM 8.8 HIGH
An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
CVE-2018-17435 1 Hdfgroup 1 Hdf5 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.
CVE-2018-17427 1 Simdcomp Project 1 Simdcomp 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
SIMDComp before 0.1.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes.
CVE-2018-17360 1 Gnu 1 Binutils 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.
CVE-2018-17294 3 Canonical, Liblouis, Opensuse 3 Ubuntu Linux, Liblouis, Leap 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries.
CVE-2018-17292 1 Webassembly Virtual Machine Project 1 Webassembly Virtual Machine 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused by out-of-bounds read) by crafting a file that has fewer than 4 bytes.
CVE-2018-17235 1 Mp4v2 Project 1 Mp4v2 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.
CVE-2018-17206 4 Canonical, Debian, Openvswitch and 1 more 4 Ubuntu Linux, Debian Linux, Openvswitch and 1 more 2026-06-17 4.0 MEDIUM 4.9 MEDIUM
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.
CVE-2018-17072 1 Json\+\+ Project 1 Json\+\+ 2026-06-17 7.5 HIGH 9.8 CRITICAL
JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.
CVE-2018-16985 1 Lizard Project 1 Lizard 2026-06-17 5.0 MEDIUM 7.5 HIGH
In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2018-16982 1 Byvoid 1 Open Chinese Convert 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset values via a crafted .ocd file.
CVE-2018-16890 8 Canonical, Debian, F5 and 5 more 10 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 7 more 2026-06-17 5.0 MEDIUM 7.5 HIGH
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.
CVE-2018-16885 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux Server 2026-06-17 4.9 MEDIUM 4.7 MEDIUM
A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. This issue only affects kernel version 3.10.x as shipped with Red Hat Enterprise Linux 7.
CVE-2018-16866 5 Canonical, Debian, Netapp and 2 more 21 Ubuntu Linux, Debian Linux, Active Iq Performance Analytics Services and 18 more 2026-06-17 2.1 LOW 3.3 LOW
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
CVE-2018-16855 1 Powerdns 1 Recursor 2026-06-17 5.0 MEDIUM 7.5 HIGH
An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.
CVE-2018-16847 2 Canonical, Qemu 2 Ubuntu Linux, Qemu 2026-06-17 4.6 MEDIUM 7.8 HIGH
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.
CVE-2018-16842 3 Canonical, Debian, Haxx 3 Ubuntu Linux, Debian Linux, Curl 2026-06-17 6.4 MEDIUM 4.4 MEDIUM
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
CVE-2018-16790 1 Mongodb 1 Libbson 2026-06-17 5.8 MEDIUM 8.1 HIGH
_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.
CVE-2018-16764 1 Webassembly Virtual Machine Project 1 Webassembly Virtual Machine 2026-06-17 6.8 MEDIUM 8.8 HIGH
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an IR::FunctionValidationContext::catch_all heap-based buffer over-read.
CVE-2018-16667 1 Contiki-ng 1 Contiki-ng. 2026-06-17 4.4 MEDIUM 7.0 HIGH
An issue was discovered in Contiki-NG through 4.1. There is a buffer over-read in lookup in os/storage/antelope/lvm.c while parsing AQL (lvm_register_variable, lvm_set_variable_value, create_intersection, create_union).