Vulnerabilities > Out-of-bounds Read
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-25 | CVE-2017-9870 | Out-of-bounds Read vulnerability in Lame Project Lame 3.99.5 The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type == 2" case, a similar issue to CVE-2017-11126. | 5.5 |
| 2017-06-25 | CVE-2017-9869 | Out-of-bounds Read vulnerability in Lame Project Lame 3.99.5 The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file. | 5.5 |
| 2017-06-25 | CVE-2015-9099 | Out-of-bounds Read vulnerability in Lame Project Lame 3.99.5 The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file with a negative sample rate. | 5.5 |
| 2017-06-25 | CVE-2017-9865 | Out-of-bounds Read vulnerability in multiple products The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc. | 5.5 |
| 2017-06-24 | CVE-2017-9847 | Out-of-bounds Read vulnerability in Libtorrent 1.1.3 The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | 5.5 |
| 2017-06-21 | CVE-2017-9782 | Out-of-bounds Read vulnerability in Jasper Project Jasper 2.0.12 JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c. | 5.5 |
| 2017-06-21 | CVE-2017-9130 | Out-of-bounds Read vulnerability in Freeware Advanced Audio Coder Project Freeware Advanced Audio Coder 1.28 The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file. | 5.5 |
| 2017-06-20 | CVE-2017-7668 | Out-of-bounds Read vulnerability in multiple products The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. | 7.5 |
| 2017-06-16 | CVE-2017-9728 | Out-of-bounds Read vulnerability in Uclibc 0.9.33.2 In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex/regexec.c when processing a crafted regular expression. | 9.8 |
| 2017-06-13 | CVE-2017-8240 | Out-of-bounds Read vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability. | 7.8 |