Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-02-06 CVE-2016-9532 Out-of-bounds Read vulnerability in multiple products
Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file.
local
low complexity
libtiff debian CWE-125
5.5
2017-02-06 CVE-2016-7449 Out-of-bounds Read vulnerability in multiple products
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
network
low complexity
graphicsmagick debian opensuse CWE-125
7.5
2017-02-06 CVE-2016-10208 Out-of-bounds Read vulnerability in Linux Kernel
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.
low complexity
linux CWE-125
4.3
2017-02-03 CVE-2016-10165 Out-of-bounds Read vulnerability in multiple products
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
7.1
2017-02-03 CVE-2016-3183 Out-of-bounds Read vulnerability in Uclouvain Openjpeg
The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.
local
low complexity
uclouvain CWE-125
5.5
2017-02-03 CVE-2016-9642 Out-of-bounds Read vulnerability in Webkit
JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.
local
low complexity
webkit CWE-125
5.5
2017-02-03 CVE-2016-8568 Out-of-bounds Read vulnerability in multiple products
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
5.5
2017-02-03 CVE-2016-6163 Out-of-bounds Read vulnerability in Gnome Librsvg 2.40.2
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
local
low complexity
gnome CWE-125
5.5
2017-02-03 CVE-2016-5115 Out-of-bounds Read vulnerability in Libavformat Project Libavformat 57.34.103
The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file.
local
low complexity
libavformat-project CWE-125
5.5
2017-02-02 CVE-2016-6238 Out-of-bounds Read vulnerability in Lepton Project Lepton 1.0
The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds read) via a crafted jpeg file.
local
low complexity
lepton-project CWE-125
5.5