Vulnerabilities (CVE)

CWE filter: CWE-125

1202 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-20783 1 Php 1 Php 2019-02-21 5.0
In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar...
CVE-2019-3557 1 Facebook 1 Hhvm 2019-02-20 7.5
The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some stream functions, such as stream_get_line, to trigger an out-of-bounds read when...
CVE-2019-8378 1 Axiosys 1 Bento4 2019-02-20 6.8
An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4_BitStream::ReadBytes() in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It...
CVE-2019-3812 1 Qemu 1 Qemu 2019-02-20 2.1
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack...
CVE-2019-5770 1 Google 1 Chrome 2019-02-20 6.8
Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2018-8799 1 Rdesktop 1 Rdesktop 2019-02-20 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault).
CVE-2018-8798 1 Rdesktop 1 Rdesktop 2019-02-20 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak.
CVE-2018-8796 1 Rdesktop 1 Rdesktop 2019-02-20 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault).
CVE-2018-8792 1 Rdesktop 1 Rdesktop 2019-02-20 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault).
CVE-2018-8791 1 Rdesktop 1 Rdesktop 2019-02-20 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process() that results in an information leak.
CVE-2019-8397 1 Hdfgroup 1 Hdf5 2019-02-19 4.3
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_close_real in H5T.c.
CVE-2019-8398 1 Hdfgroup 1 Hdf5 2019-02-19 4.3
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_get_size in H5T.c.
CVE-2019-8906 1 File Project 1 File 2019-02-19 6.8
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
CVE-2019-8904 1 File Project 1 File 2019-02-19 6.8
do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.
CVE-2019-8905 1 File Project 1 File 2019-02-19 6.8
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
CVE-2018-20721 2019-02-19 7.5
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.
CVE-2018-1303 2 Apache, Debian 2 Http Server, Debian Linux 2019-02-19 5.0
A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users...
CVE-2018-16890 3 Haxx, Canonical, Debian 3 Libcurl, Ubuntu Linux, Debian Linux 2019-02-15 5.0
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is...
CVE-2018-20482 2 Gnu, Debian 2 Tar, Debian Linux 2019-02-14 1.9
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be...
CVE-2018-6974 2019-02-14 7.2
VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This...