Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-11399 Out-of-bounds Read vulnerability in Ffmpeg
Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access and application crash) or possibly have unspecified other impact via a crafted APE file.
network
ffmpeg CWE-125
6.8
6.8
2017-07-17 CVE-2017-10987 Out-of-bounds Read vulnerability in Freeradius
An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service.
network
low complexity
freeradius CWE-125
5.0
5.0
2017-07-17 CVE-2017-10982 Out-of-bounds Read vulnerability in Freeradius
An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service.
network
low complexity
freeradius CWE-125
5.0
5.0
2017-07-17 CVE-2017-11367 Out-of-bounds Read vulnerability in Shoco Project Shoco 20170717
The shoco_decompress function in the API in shoco through 2017-07-17 allows remote attackers to cause a denial of service (buffer over-read and application crash) via malformed compressed data.
network
low complexity
shoco-project CWE-125
5.0
5.0
2017-07-17 CVE-2017-9814 Out-of-bounds Read vulnerability in multiple products
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
network
low complexity
cairographics opensuse CWE-125
7.5
7.5
2017-07-17 CVE-2017-11341 Out-of-bounds Read vulnerability in Libsass 3.4.5
There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5.
network
low complexity
libsass CWE-125
5.0
5.0
2017-07-17 CVE-2017-11336 Out-of-bounds Read vulnerability in Exiv2 0.26
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26.
network
exiv2 CWE-125
4.3
4.3
2017-07-10 CVE-2017-11147 Out-of-bounds Read vulnerability in multiple products
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.
network
low complexity
php netapp CWE-125
critical
 9.1
9.1
2017-07-10 CVE-2017-11126 Out-of-bounds Read vulnerability in Mpg123
The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870.
network
mpg123 CWE-125
4.3
4.3
2017-07-08 CVE-2017-11108 Out-of-bounds Read vulnerability in Tcpdump 4.9.0
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data.
network
low complexity
tcpdump CWE-125
5.0
5.0