Total
6166 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-17854 | 1 Simdcomp Project | 1 Simdcomp | 2019-02-01 | 4.3 MEDIUM | 6.5 MEDIUM |
SIMDComp before 0.1.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes. NOTE: this issue exists because of an incomplete fix for CVE-2018-17427. | |||||
CVE-2018-18933 | 1 Foxitsoftware | 2 Foxit Reader, U3d | 2019-01-30 | 6.4 MEDIUM | 9.1 CRITICAL |
The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation near NULL starting at FoxitReader!safe_vsnprintf+0x00000000002c4330" issue. | |||||
CVE-2018-5811 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2019-01-30 | 4.3 MEDIUM | 6.5 MEDIUM |
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. | |||||
CVE-2019-6246 | 1 Svgpp | 1 Svgpp | 2019-01-30 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the gil::get_color function in Generic Image Library in Boost, the return code is used as an address, leading to an Access Violation because of an out-of-bounds read. | |||||
CVE-2019-6985 | 2 Foxitsoftware, Microsoft | 2 3d, Windows | 2019-01-29 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Read in Indexing or a Heap Overflow and crash during handling of certain PDF files that embed specifically crafted 3D content, due to an array access violation. | |||||
CVE-2018-4194 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-01-29 | 6.8 MEDIUM | 8.8 HIGH |
In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. | |||||
CVE-2018-12817 | 1 Adobe | 1 Digital Editions | 2019-01-23 | 5.0 MEDIUM | 7.5 HIGH |
Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
CVE-2019-6443 | 1 Ntpsec | 1 Ntpsec | 2019-01-22 | 6.4 MEDIUM | 9.1 CRITICAL |
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd. | |||||
CVE-2019-6444 | 1 Ntpsec | 1 Ntpsec | 2019-01-22 | 6.4 MEDIUM | 9.1 CRITICAL |
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd. | |||||
CVE-2018-4169 | 1 Apple | 1 Mac Os X | 2019-01-17 | 10.0 HIGH | 9.8 CRITICAL |
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, an out-of-bounds read was addressed with improved input validation. | |||||
CVE-2018-4256 | 1 Apple | 1 Mac Os X | 2019-01-16 | 2.1 LOW | 5.5 MEDIUM |
In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. | |||||
CVE-2018-4255 | 1 Apple | 1 Mac Os X | 2019-01-16 | 2.1 LOW | 5.5 MEDIUM |
In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. | |||||
CVE-2019-5007 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2019-01-15 | 5.8 MEDIUM | 7.1 HIGH |
An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing. | |||||
CVE-2018-20588 | 1 Otfcc Project | 1 Otfcc | 2019-01-14 | 4.3 MEDIUM | 6.5 MEDIUM |
lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read. | |||||
CVE-2018-20430 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2019-01-11 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. | |||||
CVE-2018-20453 | 1 Libdoc Project | 1 Libdoc | 2019-01-11 | 4.3 MEDIUM | 6.5 MEDIUM |
The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. | |||||
CVE-2018-11963 | 1 Google | 1 Android | 2019-01-09 | 7.2 HIGH | 7.8 HIGH |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Buffer overread may occur due to non-null terminated strings while processing vsprintf in camera jpeg driver. | |||||
CVE-2018-20591 | 1 Libming | 1 Libming | 2019-01-04 | 4.3 MEDIUM | 6.5 MEDIUM |
A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx. | |||||
CVE-2018-19842 | 1 Radare | 1 Radare2 | 2018-12-31 | 4.3 MEDIUM | 5.5 MEDIUM |
getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2. | |||||
CVE-2018-19843 | 1 Radare | 1 Radare2 | 2018-12-31 | 4.3 MEDIUM | 5.5 MEDIUM |
opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2. |