Vulnerabilities > Out-of-bounds Read
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-17 | CVE-2017-10982 | Out-of-bounds Read vulnerability in Freeradius An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service. | 7.5 |
2017-07-17 | CVE-2017-11367 | Out-of-bounds Read vulnerability in Shoco Project Shoco 20170717 The shoco_decompress function in the API in shoco through 2017-07-17 allows remote attackers to cause a denial of service (buffer over-read and application crash) via malformed compressed data. | 7.5 |
2017-07-17 | CVE-2017-9814 | Out-of-bounds Read vulnerability in multiple products cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call. | 7.5 |
2017-07-17 | CVE-2017-11341 | Out-of-bounds Read vulnerability in Libsass 3.4.5 There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5. | 7.5 |
2017-07-17 | CVE-2017-11336 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. | 6.5 |
2017-07-10 | CVE-2017-11147 | Out-of-bounds Read vulnerability in multiple products In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c. | 9.1 |
2017-07-10 | CVE-2017-11126 | Out-of-bounds Read vulnerability in Mpg123 The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870. | 5.5 |
2017-07-08 | CVE-2017-11108 | Out-of-bounds Read vulnerability in Tcpdump 4.9.0 tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. | 7.5 |
2017-07-07 | CVE-2017-10995 | Out-of-bounds Read vulnerability in Imagemagick 7.0.60 The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image. | 5.5 |
2017-07-07 | CVE-2017-10989 | Out-of-bounds Read vulnerability in Sqlite The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. | 9.8 |