Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2018-04-11 CVE-2017-18130 Out-of-bounds Read vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while playing an ASF file, a buffer over-read can potentially occur.
network
low complexity
qualcomm CWE-125
critical
 9.8
9.8
2018-04-11 CVE-2018-10017 Out-of-bounds Read vulnerability in Openmpt
soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.
network
low complexity
openmpt CWE-125
6.5
6.5
2018-04-11 CVE-2018-10001 Out-of-bounds Read vulnerability in multiple products
The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.
network
low complexity
ffmpeg debian CWE-125
6.5
6.5
2018-04-10 CVE-2018-3838 Out-of-bounds Read vulnerability in multiple products
An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2.
network
low complexity
libsdl debian CWE-125
6.5
6.5
2018-04-10 CVE-2018-3837 Out-of-bounds Read vulnerability in multiple products
An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2.
local
low complexity
libsdl debian starwindsoftware CWE-125
5.5
5.5
2018-04-10 CVE-2018-9989 Out-of-bounds Read vulnerability in multiple products
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.
network
low complexity
arm debian CWE-125
7.5
7.5
2018-04-10 CVE-2018-9988 Out-of-bounds Read vulnerability in multiple products
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.
network
low complexity
arm debian CWE-125
7.5
7.5
2018-04-07 CVE-2018-9841 Out-of-bounds Read vulnerability in Ffmpeg
The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.
network
low complexity
ffmpeg CWE-125
8.8
8.8
2018-04-05 CVE-2017-2861 Out-of-bounds Read vulnerability in Natus Xltek Neuroworks 8
An exploitable Denial of Service vulnerability exists in the use of a return value in the NewProducerStream command in Natus Xltek NeuroWorks 8.
network
low complexity
natus CWE-125
7.5
7.5
2018-04-04 CVE-2018-9305 Out-of-bounds Read vulnerability in Exiv2
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
network
low complexity
exiv2 CWE-125
8.1
8.1