Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-09-21 CVE-2017-14245 Out-of-bounds Read vulnerability in multiple products
An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
network
low complexity
libsndfile-project debian CWE-125
8.1
8.1
2017-09-21 CVE-2017-14633 Out-of-bounds Read vulnerability in multiple products
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().
network
low complexity
xiph-org debian canonical CWE-125
6.5
6.5
2017-09-20 CVE-2017-14608 Out-of-bounds Read vulnerability in Libraw
In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp.
network
low complexity
libraw CWE-125
critical
 9.1
9.1
2017-09-20 CVE-2017-14607 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c.
network
low complexity
imagemagick debian canonical CWE-125
8.1
8.1
2017-09-18 CVE-2017-14529 Out-of-bounds Read vulnerability in GNU Binutils 2.29
The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function.
local
low complexity
gnu CWE-125
5.5
5.5
2017-09-17 CVE-2017-14503 Out-of-bounds Read vulnerability in Libarchive 3.3.2
libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.
network
low complexity
libarchive CWE-125
6.5
6.5
2017-09-17 CVE-2017-14501 Out-of-bounds Read vulnerability in Libarchive 3.3.2
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.
network
low complexity
libarchive CWE-125
6.5
6.5
2017-09-14 CVE-2017-13725 Out-of-bounds Read vulnerability in multiple products
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13690 Out-of-bounds Read vulnerability in Tcpdump
The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
network
low complexity
tcpdump CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13689 Out-of-bounds Read vulnerability in Tcpdump
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
network
low complexity
tcpdump CWE-125
critical
 9.8
9.8