Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-04-19 CVE-2016-7515 Out-of-bounds Read vulnerability in Imagemagick
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-18 CVE-2017-7939 Out-of-bounds Read vulnerability in Entropymine Imageworsener 1.3.0
The read_next_pam_token function in imagew-pnm.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted file.
local
low complexity
entropymine CWE-125
5.5
5.5
2017-04-14 CVE-2016-5309 Out-of-bounds Read vulnerability in multiple products
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.
local
low complexity
symantec broadcom CWE-125
5.5
5.5
2017-04-13 CVE-2017-7854 Out-of-bounds Read vulnerability in Radare Radare2 1.3.0
The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
local
low complexity
radare CWE-125
5.5
5.5
2017-04-12 CVE-2017-7716 Out-of-bounds Read vulnerability in Radare Radare2 1.3.0
The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
local
low complexity
radare CWE-125
5.5
5.5
2017-04-12 CVE-2017-3060 Out-of-bounds Read vulnerability in Adobe Flash Player
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser.
network
low complexity
adobe CWE-125
critical
 9.8
9.8
2017-04-12 CVE-2017-3053 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files.
local
low complexity
adobe CWE-125
5.5
5.5
2017-04-12 CVE-2017-3052 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format.
local
low complexity
adobe CWE-125
5.5
5.5
2017-04-12 CVE-2017-3051 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files.
local
low complexity
adobe CWE-125
7.8
7.8
2017-04-12 CVE-2017-3046 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing.
local
low complexity
adobe CWE-125
5.5
5.5