| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2018-20783 |
1 Php |
1 Php |
2019-02-21 |
5.0 |
| In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar... |
| CVE-2019-3557 |
1 Facebook |
1 Hhvm |
2019-02-20 |
7.5 |
| The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some stream functions, such as stream_get_line, to trigger an out-of-bounds read when... |
| CVE-2019-8378 |
1 Axiosys |
1 Bento4 |
2019-02-20 |
6.8 |
| An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4_BitStream::ReadBytes() in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It... |
| CVE-2019-3812 |
1 Qemu |
1 Qemu |
2019-02-20 |
2.1 |
| QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack... |
| CVE-2019-5770 |
1 Google |
1 Chrome |
2019-02-20 |
6.8 |
| Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. |
| CVE-2018-8799 |
1 Rdesktop |
1 Rdesktop |
2019-02-20 |
5.0 |
| rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault). |
| CVE-2018-8798 |
1 Rdesktop |
1 Rdesktop |
2019-02-20 |
5.0 |
| rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak. |
| CVE-2018-8796 |
1 Rdesktop |
1 Rdesktop |
2019-02-20 |
5.0 |
| rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault). |
| CVE-2018-8792 |
1 Rdesktop |
1 Rdesktop |
2019-02-20 |
5.0 |
| rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault). |
| CVE-2018-8791 |
1 Rdesktop |
1 Rdesktop |
2019-02-20 |
5.0 |
| rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process() that results in an information leak. |
| CVE-2019-8397 |
1 Hdfgroup |
1 Hdf5 |
2019-02-19 |
4.3 |
| An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_close_real in H5T.c. |
| CVE-2019-8398 |
1 Hdfgroup |
1 Hdf5 |
2019-02-19 |
4.3 |
| An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_get_size in H5T.c. |
| CVE-2019-8906 |
1 File Project |
1 File |
2019-02-19 |
6.8 |
| do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. |
| CVE-2019-8904 |
1 File Project |
1 File |
2019-02-19 |
6.8 |
| do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf. |
| CVE-2019-8905 |
1 File Project |
1 File |
2019-02-19 |
6.8 |
| do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. |
| CVE-2018-20721 |
|
|
2019-02-19 |
7.5 |
| URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address. |
| CVE-2018-1303 |
2 Apache, Debian |
2 Http Server, Debian Linux |
2019-02-19 |
5.0 |
| A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users... |
| CVE-2018-16890 |
3 Haxx, Canonical, Debian |
3 Libcurl, Ubuntu Linux, Debian Linux |
2019-02-15 |
5.0 |
| libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is... |
| CVE-2018-20482 |
2 Gnu, Debian |
2 Tar, Debian Linux |
2019-02-14 |
1.9 |
| GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be... |
| CVE-2018-6974 |
|
|
2019-02-14 |
7.2 |
| VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This... |
