Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-07-06 CVE-2017-10976 Out-of-bounds Read vulnerability in Swftools 0.9.2
When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to a heap-based buffer over-read in the readBlock() function in lib/ttf.c.
network
low complexity
swftools CWE-125
7.5
2017-07-05 CVE-2017-10928 Out-of-bounds Read vulnerability in Imagemagick 7.0.60
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
network
low complexity
imagemagick CWE-125
8.8
2017-06-29 CVE-2017-10687 Out-of-bounds Read vulnerability in Libsass 3.4.5
In LibSass 3.4.5, there is a heap-based buffer over-read in the function json_mkstream() in sass_context.cpp.
network
low complexity
libsass CWE-125
7.5
2017-06-29 CVE-2017-10683 Out-of-bounds Read vulnerability in Mpg123 1.25.0
In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c.
network
low complexity
mpg123 CWE-125
7.5
2017-06-28 CVE-2017-9986 Out-of-bounds Read vulnerability in Linux Kernel
The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.
local
low complexity
linux CWE-125
7.8
2017-06-28 CVE-2017-9985 Out-of-bounds Read vulnerability in multiple products
The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.
local
low complexity
linux canonical CWE-125
7.8
2017-06-28 CVE-2017-9984 Out-of-bounds Read vulnerability in Linux Kernel
The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.
local
low complexity
linux CWE-125
7.8
2017-06-27 CVE-2017-7520 Out-of-bounds Read vulnerability in Openvpn
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker.
network
high complexity
openvpn CWE-125
7.4
2017-06-27 CVE-2017-9223 Out-of-bounds Read vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.7
The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
local
low complexity
audiocoding CWE-125
5.5
2017-06-27 CVE-2017-9221 Out-of-bounds Read vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.7
The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
local
low complexity
audiocoding CWE-125
5.5