Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2016-12-13 CVE-2016-5842 Out-of-bounds Read vulnerability in multiple products
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
network
low complexity
imagemagick oracle CWE-125
5.0
2016-12-13 CVE-2016-5687 Out-of-bounds Read vulnerability in Imagemagick
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.
network
low complexity
imagemagick oracle CWE-125
7.5
2016-12-12 CVE-2016-9433 Out-of-bounds Read vulnerability in W3M Project W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31.
4.3
2016-12-08 CVE-2016-9918 Out-of-bounds Read vulnerability in Bluez Project Bluez 5.42
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file.
network
low complexity
bluez-project CWE-125
5.0
2016-11-28 CVE-2016-9555 Out-of-bounds Read vulnerability in Linux Kernel
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
network
low complexity
linux CWE-125
critical
10.0
2016-11-16 CVE-2016-7915 Out-of-bounds Read vulnerability in Linux Kernel
The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver.
network
linux CWE-125
4.3
2016-10-31 CVE-2016-8878 Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf and Reader
Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return value starting at FOXITREADER."
6.8
2016-10-31 CVE-2016-8876 Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf and Reader
Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."
6.8
2016-10-31 CVE-2016-8875 Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf and Reader
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor."
4.3
2016-10-29 CVE-2016-7506 Out-of-bounds Read vulnerability in Artifex Mujs
An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc.
network
low complexity
artifex CWE-125
5.0