Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-07-24 CVE-2017-11605 Out-of-bounds Read vulnerability in Libsass 3.4.5
There is a heap based buffer over-read in LibSass 3.4.5, related to address 0xb4803ea1.
network
low complexity
libsass CWE-125
6.5
2017-07-24 CVE-2017-11600 Out-of-bounds Read vulnerability in Linux Kernel
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.
local
high complexity
linux CWE-125
7.0
2017-07-23 CVE-2017-11577 Out-of-bounds Read vulnerability in Fontforge 20161012
FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file.
local
low complexity
fontforge CWE-125
7.8
2017-07-23 CVE-2017-11575 Out-of-bounds Read vulnerability in Fontforge 20161012
FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c.
local
low complexity
fontforge CWE-125
7.8
2017-07-23 CVE-2017-11573 Out-of-bounds Read vulnerability in Fontforge 20161012
FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a crafted otf file.
local
low complexity
fontforge CWE-125
7.8
2017-07-23 CVE-2017-11572 Out-of-bounds Read vulnerability in Fontforge 20161012
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
local
low complexity
fontforge CWE-125
7.8
2017-07-23 CVE-2017-11570 Out-of-bounds Read vulnerability in Fontforge 20161012
FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file.
local
low complexity
fontforge CWE-125
7.8
2017-07-23 CVE-2017-11569 Out-of-bounds Read vulnerability in Fontforge 20161012
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file.
local
low complexity
fontforge CWE-125
7.8
2017-07-23 CVE-2017-11568 Out-of-bounds Read vulnerability in Fontforge 20161012
FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c) resulting in DoS or code execution via a crafted otf file.
local
low complexity
fontforge CWE-125
7.8
2017-07-23 CVE-2017-11542 Out-of-bounds Read vulnerability in Tcpdump 4.9.0
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
network
low complexity
tcpdump CWE-125
critical
9.8