Vulnerabilities (CVE)

Filtered by CWE-125
Total 6166 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-11009 3 Debian, Graphicsmagick, Opensuse 3 Debian Linux, Graphicsmagick, Leap 2019-05-23 5.8 MEDIUM 8.1 HIGH
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.
CVE-2018-20783 2 Opensuse, Php 2 Leap, Php 2019-05-22 5.0 MEDIUM 7.5 HIGH
In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.
CVE-2019-12198 1 Gohttp Project 1 Gohttp 2019-05-21 5.0 MEDIUM 7.5 HIGH
In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header.
CVE-2019-0116 1 Intel 1 Graphics Driver 2019-05-21 2.1 LOW 4.4 MEDIUM
An out of bound read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access.
CVE-2019-12214 1 Freeimage Project 1 Freeimage 2019-05-21 5.0 MEDIUM 7.5 HIGH
In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data.
CVE-2019-12159 1 Gohttp Project 1 Gohttp 2019-05-20 5.0 MEDIUM 7.5 HIGH
GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function (when called from getRequestType) via a long URL.
CVE-2016-7151 1 Capstone-engine 1 Capstone 2019-05-16 4.3 MEDIUM 5.5 MEDIUM
Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c.
CVE-2019-10650 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2019-05-14 5.8 MEDIUM 8.1 HIGH
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
CVE-2017-12839 1 Mpg123 1 Mpg123 2019-05-10 6.8 MEDIUM 8.3 HIGH
A heap-based buffer over-read in the getbits function in src/libmpg123/getbits.h in mpg123 through 1.25.5 allows remote attackers to cause a possible denial-of-service (out-of-bounds read) or possibly have unspecified other impact via a crafted mp3 file.
CVE-2019-2053 1 Google 1 Android 2019-05-08 4.9 MEDIUM 5.5 MEDIUM
In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-122074159
CVE-2019-11339 1 Ffmpeg 1 Ffmpeg 2019-05-06 6.8 MEDIUM 8.8 HIGH
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
CVE-2018-10242 2 Debian, Suricata-ids 2 Debian Linux, Suricata 2019-05-06 5.0 MEDIUM 7.5 HIGH
Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check.
CVE-2017-14976 2 Debian, Freedesktop 2 Debian Linux, Poppler 2019-05-03 5.0 MEDIUM 7.5 HIGH
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack.
CVE-2018-12495 2 Debian, Discount Project 2 Debian Linux, Discount 2019-05-02 4.3 MEDIUM 5.5 MEDIUM
The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
CVE-2018-10360 3 Canonical, File Project, Opensuse 3 Ubuntu Linux, File, Leap 2019-05-02 4.3 MEDIUM 6.5 MEDIUM
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
CVE-2019-11637 1 Gnu 1 Recutils 2019-05-01 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_rset_get_props at rec-rset.c in librec.a, leading to a crash.
CVE-2019-11638 1 Gnu 1 Recutils 2019-05-01 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_field_name_equal_p at rec-field-name.c in librec.a, leading to a crash.
CVE-2018-6315 2 Debian, Libming 2 Debian Linux, Libming 2019-04-26 6.8 MEDIUM 8.8 HIGH
The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file.
CVE-2017-11731 1 Libming 1 Ming 2019-04-26 4.3 MEDIUM 5.5 MEDIUM
An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
CVE-2018-13988 4 Canonical, Debian, Freedesktop and 1 more 8 Ubuntu Linux, Debian Linux, Poppler and 5 more 2019-04-25 4.3 MEDIUM 6.5 MEDIUM
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file.