Vulnerabilities > Out-of-bounds Read
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-11341 | Out-of-bounds Read vulnerability in Libsass 3.4.5 There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5. | 7.5 |
| 2017-07-17 | CVE-2017-11336 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. | 6.5 |
| 2017-07-10 | CVE-2017-11147 | Out-of-bounds Read vulnerability in multiple products In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c. | 9.1 |
| 2017-07-10 | CVE-2017-11126 | Out-of-bounds Read vulnerability in Mpg123 The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870. | 5.5 |
| 2017-07-08 | CVE-2017-11108 | Out-of-bounds Read vulnerability in Tcpdump 4.9.0 tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. | 7.5 |
| 2017-07-07 | CVE-2017-10995 | Out-of-bounds Read vulnerability in Imagemagick 7.0.60 The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image. | 5.5 |
| 2017-07-07 | CVE-2017-10989 | Out-of-bounds Read vulnerability in Sqlite The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. | 9.8 |
| 2017-07-06 | CVE-2017-10976 | Out-of-bounds Read vulnerability in Swftools 0.9.2 When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to a heap-based buffer over-read in the readBlock() function in lib/ttf.c. | 7.5 |
| 2017-07-05 | CVE-2017-10928 | Out-of-bounds Read vulnerability in Imagemagick 7.0.60 In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. | 8.8 |
| 2017-06-29 | CVE-2017-10687 | Out-of-bounds Read vulnerability in Libsass 3.4.5 In LibSass 3.4.5, there is a heap-based buffer over-read in the function json_mkstream() in sass_context.cpp. | 7.5 |