Vulnerabilities > Out-of-bounds Read
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-03 | CVE-2019-11036 | Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. | 9.1 |
| 2019-04-29 | CVE-2019-3561 | Out-of-bounds Read vulnerability in Facebook Hhvm Insufficient boundary checks for the strrpos and strripos functions allow access to out-of-bounds memory. | 9.8 |
| 2019-04-29 | CVE-2019-11598 | Out-of-bounds Read vulnerability in Imagemagick 7.0.840 In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. | 8.1 |
| 2019-04-29 | CVE-2019-11597 | Out-of-bounds Read vulnerability in Imagemagick 7.0.843 In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. | 8.1 |
| 2019-04-29 | CVE-2016-10749 | Out-of-bounds Read vulnerability in Cjson Project Cjson parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character. | 9.8 |
| 2019-04-28 | CVE-2019-11579 | Out-of-bounds Read vulnerability in multiple products dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED. | 5.3 |
| 2019-04-26 | CVE-2019-9802 | Out-of-bounds Read vulnerability in Mozilla Firefox If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. | 7.5 |
| 2019-04-26 | CVE-2019-9799 | Out-of-bounds Read vulnerability in Mozilla Firefox Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. | 7.5 |
| 2019-04-23 | CVE-2019-11473 | Out-of-bounds Read vulnerability in Graphicsmagick 1.3.31 coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. | 6.5 |
| 2019-04-22 | CVE-2019-11455 | Out-of-bounds Read vulnerability in multiple products A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. | 8.1 |