Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2018-12-24 CVE-2018-20430 Out-of-bounds Read vulnerability in multiple products
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.
network
gnu debian CWE-125
4.3
4.3
2018-12-23 CVE-2018-20409 Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1627
An issue was discovered in Bento4 1.5.1-627.
network
axiosys CWE-125
4.3
4.3
2018-12-20 CVE-2018-20124 Out-of-bounds Read vulnerability in multiple products
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
local
low complexity
qemu canonical CWE-125
2.1
2.1
2018-12-20 CVE-2018-11963 Out-of-bounds Read vulnerability in Google Android
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Buffer overread may occur due to non-null terminated strings while processing vsprintf in camera jpeg driver.
local
low complexity
google CWE-125
7.2
7.2
2018-12-20 CVE-2018-1000852 Out-of-bounds Read vulnerability in multiple products
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory..
network
low complexity
freerdp canonical fedoraproject CWE-125
6.5
6.5
2018-12-18 CVE-2018-20201 Out-of-bounds Read vulnerability in Pur3 Espruino 2.00
There is a stack-based buffer over-read in the jsfNameFromString function of jsflash.c in Espruino 2V00, leading to a denial of service or possibly unspecified other impact via a crafted js file.
network
pur3 CWE-125
6.8
6.8
2018-12-17 CVE-2018-20185 Out-of-bounds Read vulnerability in multiple products
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file.
network
high complexity
graphicsmagick debian canonical CWE-125
2.6
2.6
2018-12-17 CVE-2018-19975 Out-of-bounds Read vulnerability in Virustotal Yara 3.8.1
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c.
local
low complexity
virustotal CWE-125
5.5
5.5
2018-12-12 CVE-2018-20102 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14.
network
low complexity
haproxy canonical redhat CWE-125
7.5
7.5
2018-12-12 CVE-2018-11465 Out-of-bounds Read vulnerability in Siemens products
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).
local
low complexity
siemens CWE-125
7.2
7.2