Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-05-21 CVE-2017-9117 Out-of-bounds Read vulnerability in multiple products
In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff.
network
low complexity
libtiff canonical CWE-125
critical
 9.8
9.8
2017-05-19 CVE-2017-9074 Out-of-bounds Read vulnerability in Linux Kernel
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.
local
low complexity
linux CWE-125
7.8
7.8
2017-05-18 CVE-2017-9058 Out-of-bounds Read vulnerability in multiple products
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
network
low complexity
ytnef-project canonical CWE-125
critical
 9.8
9.8
2017-05-18 CVE-2017-9055 Out-of-bounds Read vulnerability in Libdwarf Project Libdwarf 20170321
An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21.
network
low complexity
libdwarf-project CWE-125
critical
 9.8
9.8
2017-05-18 CVE-2017-9054 Out-of-bounds Read vulnerability in Libdwarf Project Libdwarf 20170321
An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21.
network
low complexity
libdwarf-project CWE-125
critical
 9.8
9.8
2017-05-18 CVE-2017-9053 Out-of-bounds Read vulnerability in Libdwarf Project Libdwarf 20170321
An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21.
network
low complexity
libdwarf-project CWE-125
critical
 9.1
9.1
2017-05-18 CVE-2017-9052 Out-of-bounds Read vulnerability in Libdwarf Project Libdwarf 20170321
An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21.
network
low complexity
libdwarf-project CWE-125
critical
 9.8
9.8
2017-05-18 CVE-2017-9050 Out-of-bounds Read vulnerability in Xmlsoft Libxml2 2.9.4
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c.
network
low complexity
xmlsoft CWE-125
7.5
7.5
2017-05-18 CVE-2017-9049 Out-of-bounds Read vulnerability in Xmlsoft Libxml2 2.9.4
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c.
network
low complexity
xmlsoft CWE-125
7.5
7.5
2017-05-18 CVE-2017-9044 Out-of-bounds Read vulnerability in GNU Binutils 2.28
The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file.
local
low complexity
gnu CWE-125
5.5
5.5