Vulnerabilities > Out-of-bounds Read
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-20 | CVE-2018-8809 | Out-of-bounds Read vulnerability in Radare Radare2 2.4.0 In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. | 4.3 |
| 2018-03-20 | CVE-2018-8808 | Out-of-bounds Read vulnerability in Radare Radare2 2.4.0 In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. | 4.3 |
| 2018-03-18 | CVE-2018-8769 | Out-of-bounds Read vulnerability in Elfutils Project Elfutils 0.170 elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported. | 6.8 |
| 2018-03-18 | CVE-2018-8754 | Out-of-bounds Read vulnerability in multiple products The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. | 5.5 |
| 2018-03-15 | CVE-2017-18069 | Out-of-bounds Read vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper message length calculation in oem_cmd_handler() while processing a WLAN_NL_MSG_OEM netlink message leads to buffer overread. | 7.8 |
| 2018-03-14 | CVE-2018-1000122 | Out-of-bounds Read vulnerability in multiple products A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage | 6.4 |
| 2018-03-14 | CVE-2018-0919 | Out-of-bounds Read vulnerability in Microsoft products Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft Word 2010 SP2, Word 2013 SP1 and Microsoft Word 2016 allow an information disclosure vulnerability due to how variables are initialized, aka "Microsoft Office Information Disclosure Vulnerability". | 4.3 |
| 2018-03-14 | CVE-2018-0894 | Out-of-bounds Read vulnerability in Microsoft products The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". | 1.9 |
| 2018-03-14 | CVE-2018-8107 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
| 2018-03-14 | CVE-2018-8106 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |