Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-05-23 CVE-2017-9171 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24.
network
low complexity
autotrace-project CWE-125
critical
9.8
2017-05-23 CVE-2017-9166 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11.
network
low complexity
autotrace-project CWE-125
critical
9.8
2017-05-23 CVE-2017-9165 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:17:11.
network
low complexity
autotrace-project CWE-125
critical
9.8
2017-05-23 CVE-2017-9164 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:16:11.
network
low complexity
autotrace-project CWE-125
critical
9.8
2017-05-23 CVE-2017-9155 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the input_pnm_reader function in input-pnm.c:243:3.
network
low complexity
autotrace-project CWE-125
7.5
2017-05-23 CVE-2017-9154 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:16:11.
network
low complexity
autotrace-project CWE-125
7.5
2017-05-23 CVE-2017-9152 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function in input-pnm.c:346:41.
network
low complexity
autotrace-project CWE-125
critical
9.8
2017-05-22 CVE-2017-9147 Out-of-bounds Read vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file.
network
low complexity
libtiff CWE-125
6.5
2017-05-21 CVE-2017-9117 Out-of-bounds Read vulnerability in multiple products
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.
network
low complexity
libtiff canonical CWE-125
critical
9.8
2017-05-19 CVE-2017-9074 Out-of-bounds Read vulnerability in Linux Kernel
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.
local
low complexity
linux CWE-125
7.8