Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-06-21 CVE-2017-9782 Out-of-bounds Read vulnerability in Jasper Project Jasper 2.0.12
JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
local
low complexity
jasper-project CWE-125
5.5
2017-06-21 CVE-2017-9130 Out-of-bounds Read vulnerability in Freeware Advanced Audio Coder Project Freeware Advanced Audio Coder 1.28
The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file.
5.5
2017-06-20 CVE-2017-7668 Out-of-bounds Read vulnerability in multiple products
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string.
network
low complexity
apache netapp redhat debian oracle apple CWE-125
7.5
2017-06-16 CVE-2017-9728 Out-of-bounds Read vulnerability in Uclibc 0.9.33.2
In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex/regexec.c when processing a crafted regular expression.
network
low complexity
uclibc CWE-125
critical
9.8
2017-06-13 CVE-2017-8240 Out-of-bounds Read vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability.
local
low complexity
google CWE-125
7.8
2017-06-13 CVE-2017-8234 Out-of-bounds Read vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an out of bounds access can potentially occur in a camera function.
local
low complexity
google CWE-125
7.8
2017-06-13 CVE-2017-7365 Out-of-bounds Read vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated.
local
low complexity
google CWE-125
7.8
2017-06-12 CVE-2017-9128 Out-of-bounds Read vulnerability in Libquicktime 1.2.4
The quicktime_video_width function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted mp4 file.
network
low complexity
libquicktime CWE-125
6.5
2017-06-12 CVE-2017-9125 Out-of-bounds Read vulnerability in Libquicktime 1.2.4
The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted mp4 file.
network
low complexity
libquicktime CWE-125
6.5
2017-06-12 CVE-2017-9123 Out-of-bounds Read vulnerability in Libquicktime 1.2.4
The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
network
low complexity
libquicktime CWE-125
6.5