Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-05-05 CVE-2017-8787 Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5
The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file.
network
low complexity
podofo-project CWE-125
8.8
2017-05-04 CVE-2017-3731 Out-of-bounds Read vulnerability in multiple products
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash.
network
low complexity
openssl nodejs CWE-125
7.5
2017-05-03 CVE-2017-8455 Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.
local
low complexity
foxitsoftware CWE-125
7.8
2017-05-03 CVE-2017-8454 Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.
network
low complexity
foxitsoftware CWE-125
8.8
2017-05-03 CVE-2017-8453 Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.
network
low complexity
foxitsoftware CWE-125
8.8
2017-05-02 CVE-2017-7483 Out-of-bounds Read vulnerability in multiple products
Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to an out of bounds read.
network
low complexity
rxvt-project debian CWE-125
7.5
2017-05-01 CVE-2017-8401 Out-of-bounds Read vulnerability in Swftools
In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724.
network
low complexity
swftools CWE-125
6.5
2017-05-01 CVE-2017-8393 Out-of-bounds Read vulnerability in GNU Binutils 2.28
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix.
network
low complexity
gnu CWE-125
7.5
2017-05-01 CVE-2017-8374 Out-of-bounds Read vulnerability in Underbit MAD Libmad 0.15.1B
The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
local
low complexity
underbit CWE-125
5.5
2017-04-30 CVE-2017-8365 Out-of-bounds Read vulnerability in multiple products
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
network
low complexity
libsndfile-project debian CWE-125
6.5