Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-06-08 CVE-2017-4912 Out-of-bounds Read vulnerability in VMWare Horizon View and Workstation
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll.
local
high complexity
vmware CWE-125
7.8
2017-06-08 CVE-2017-4910 Out-of-bounds Read vulnerability in VMWare Horizon View and Workstation
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll.
local
high complexity
vmware CWE-125
7.8
2017-06-07 CVE-2017-4899 Out-of-bounds Read vulnerability in VMWare Workstation Player and Workstation PRO
VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver.
local
high complexity
vmware CWE-125
4.7
2017-06-07 CVE-2017-9474 Out-of-bounds Read vulnerability in Ytnef Project Ytnef 1.9.2
In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
local
low complexity
ytnef-project CWE-125
5.5
2017-06-07 CVE-2017-9472 Out-of-bounds Read vulnerability in Ytnef Project Ytnef 1.9.2
In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
local
low complexity
ytnef-project CWE-125
5.5
2017-06-07 CVE-2017-9471 Out-of-bounds Read vulnerability in multiple products
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
local
low complexity
ytnef-project canonical CWE-125
5.5
2017-06-06 CVE-2017-9465 Out-of-bounds Read vulnerability in Virustotal Yara 3.6.1
The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callback function in libyara/scan.c.
local
low complexity
virustotal CWE-125
7.1
2017-06-05 CVE-2017-9434 Out-of-bounds Read vulnerability in Cryptopp Crypto++
Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter.
network
low complexity
cryptopp CWE-125
5.3
2017-06-02 CVE-2017-9359 Out-of-bounds Read vulnerability in Digium Certified Asterisk and Open Source
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
network
low complexity
digium CWE-125
7.5
2017-05-29 CVE-2017-9301 Out-of-bounds Read vulnerability in Videolan VLC Media Player
plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.
local
low complexity
videolan CWE-125
7.8