Vulnerabilities > Out-of-bounds Read
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-11-16 | CVE-2017-11093 | Out-of-bounds Read vulnerability in Google Android In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be exposed. | 5.0 |
2017-11-16 | CVE-2017-11090 | Out-of-bounds Read vulnerability in Google Android In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in __wlan_hdd_cfg80211_set_pmksa when user space application sends PMKID of size less than WLAN_PMKID_LEN bytes. | 5.0 |
2017-11-16 | CVE-2017-11089 | Out-of-bounds Read vulnerability in Google Android In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes | 5.0 |
2017-11-16 | CVE-2017-11058 | Out-of-bounds Read vulnerability in Google Android In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur. | 5.0 |
2017-11-16 | CVE-2017-11035 | Out-of-bounds Read vulnerability in Google Android In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and "csr_roam_issue_ft_preauth_req" due to incorrect initialization of WEXT callbacks and lack of the checks for buffer size. | 4.6 |
2017-11-16 | CVE-2017-14034 | Out-of-bounds Read vulnerability in Libbpg Project Libbpg 0.9.7 The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact. | 6.8 |
2017-11-15 | CVE-2017-16829 | Out-of-bounds Read vulnerability in GNU Binutils 2.29.1 The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. | 7.8 |
2017-11-14 | CVE-2017-6264 | Out-of-bounds Read vulnerability in Linux Kernel An elevation of privilege vulnerability exists in the NVIDIA GPU driver (gm20b_clk_throt_set_cdev_state), where an out of bound memory read is used as a function pointer could lead to code execution in the kernel.This issue is rated as high because it could allow a local malicious application to execute arbitrary code within the context of a privileged process. | 9.3 |
2017-11-13 | CVE-2017-16808 | Out-of-bounds Read vulnerability in Tcpdump 4.9.2 tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. | 5.5 |
2017-11-13 | CVE-2017-16805 | Out-of-bounds Read vulnerability in Radare Radare2 2.0.1 In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to r_bin_dwarf_parse_comp_unit in dwarf.c and sdb_set_internal in shlr/sdb/src/sdb.c. | 4.3 |