CWE-125— Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
8,086 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-125page 6 of 162
- CVE-2018-1000122CRITICALCVSS 9.1EG 9.12018-03-14
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
- CVE-2018-1000301CRITICALCVSS 9.1EG 9.12018-05-24
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store down…
- CVE-2018-1000668MEDIUMCVSS 6.5EG 6.52018-09-06
jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must exec…
- CVE-2018-1000852MEDIUMCVSS 6.5EG 6.52018-12-20
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The R…
- CVE-2018-10017MEDIUMCVSS 6.5EG 6.52018-04-11
soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.
- CVE-2018-10186MEDIUMCVSS 5.5EG 5.52018-04-17
In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. This issue is different from …
- CVE-2018-10187MEDIUMCVSS 5.5EG 5.52018-04-17
In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is…
- CVE-2018-10242HIGHCVSS 7.5EG 7.52019-04-04
Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check.
- CVE-2018-10243CRITICALCVSS 9.8EG 9.82019-04-04
htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.
- CVE-2018-10254HIGHCVSS 7.8EG 7.82018-04-21
Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact …
- CVE-2018-10360MEDIUMCVSS 6.5EG 6.52018-06-11
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
- CVE-2018-10372MEDIUMCVSS 5.5EG 5.52018-04-25
process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf.
- CVE-2018-10392HIGHCVSS 8.8EG 8.82018-04-26
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other im…
- CVE-2018-10393HIGHCVSS 7.5EG 7.52018-04-26
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
- CVE-2018-10475MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10476MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10478MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10479MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10480MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10481MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10482MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10485MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10486MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10487MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10490HIGHCVSS 8.8EG 8.82018-05-17
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open…
- CVE-2018-10492MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
- CVE-2018-10493MEDIUMCVSS 6.5EG 6.52018-05-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page …
- CVE-2018-10506MEDIUMCVSS 4.7EG 4.72018-06-08
A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x2…
- CVE-2018-10529HIGHCVSS 8.8EG 8.82018-04-29
An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.
- CVE-2018-1054HIGHCVSS 7.5EG 7.52018-03-07
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a…
- CVE-2018-10549HIGHCVSS 8.8EG 8.82018-04-29
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the cas…
- CVE-2018-1056HIGHCVSS 7.8EG 7.82018-07-27
An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP …
- CVE-2018-10598HIGHCVSS 8.1EG 8.12018-08-13
CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has two out-of-bounds read vulnerabilities could cause the software to crash due to lacking user input validation for processing project files. Which may allow an attacker…
- CVE-2018-10623CRITICALCVSS 9.8EG 9.82018-06-18
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of opera…
- CVE-2018-10733MEDIUMCVSS 6.5EG 6.52018-05-04
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.
- CVE-2018-10767MEDIUMCVSS 6.5EG 6.52018-05-06
There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted i…
- CVE-2018-10778HIGHCVSS 7.8EG 7.82018-05-07
Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different v…
- CVE-2018-10779MEDIUMCVSS 6.5EG 6.52018-05-07
TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.
- CVE-2018-10780MEDIUMCVSS 6.5EG 6.52018-05-07
Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.
- CVE-2018-10877HIGHCVSS 7.3EG 6.52018-07-18
Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.
- CVE-2018-10887HIGHCVSS 8.1EG 8.12018-07-10
A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing t…
- CVE-2018-10888MEDIUMCVSS 6.5EG 6.52018-07-10
A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service.
- CVE-2018-1093MEDIUMCVSS 5.5EG 5.52018-04-02
The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not …
- CVE-2018-10945HIGHCVSS 7.5EG 7.52018-06-19
The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert…
- CVE-2018-10999MEDIUMCVSS 6.5EG 6.52018-05-12
An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read.
- CVE-2018-11005MEDIUMCVSS 5.5EG 5.52021-01-11
A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
- CVE-2018-11058CRITICALCVSS 9.8EG 9.82018-09-14
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A…
- CVE-2018-11099MEDIUMCVSS 5.5EG 5.52018-05-17
The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file.
- CVE-2018-11205HIGHCVSS 8.1EG 8.12018-05-16
A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
- CVE-2018-11206HIGHCVSS 8.1EG 8.12018-05-16
An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
Map vulnerabilities like CWE-125 to your infrastructure
EchelonGraph correlates every CVE — across CWE-125 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →