Vulnerabilities (CVE)

Filtered by CWE-125
Total 5601 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9727 2 Artifex, Debian 2 Ghostscript Ghostxps, Debian Linux 2023-12-10 6.8 MEDIUM 7.8 HIGH
The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-9620 1 Artifex 1 Ghostscript Ghostxps 2023-12-10 6.8 MEDIUM 7.8 HIGH
The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function.
CVE-2017-13031 1 Tcpdump 1 Tcpdump 2023-12-10 7.5 HIGH 9.8 CRITICAL
The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().
CVE-2017-12897 1 Tcpdump 1 Tcpdump 2023-12-10 7.5 HIGH 9.8 CRITICAL
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
CVE-2017-11753 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file.
CVE-2017-15021 1 Gnu 1 Binutils 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32.
CVE-2017-11090 1 Google 1 Android 2023-12-10 5.0 MEDIUM 7.5 HIGH
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in __wlan_hdd_cfg80211_set_pmksa when user space application sends PMKID of size less than WLAN_PMKID_LEN bytes.
CVE-2017-13050 1 Tcpdump 1 Tcpdump 2023-12-10 7.5 HIGH 9.8 CRITICAL
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
CVE-2017-16420 1 Adobe 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more 2023-12-10 9.3 HIGH 8.8 HIGH
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is in the part of the JavaScript engine that handles annotation abstraction. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
CVE-2017-9712 1 Google 1 Android 2023-12-10 5.0 MEDIUM 7.5 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, if userspace provides a too-large IE length in wlan_hdd_cfg80211_set_ie, a buffer over-read occurs.
CVE-2017-9715 1 Google 1 Android 2023-12-10 5.0 MEDIUM 7.5 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur.
CVE-2017-13134 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-13024 2 Debian, Tcpdump 2 Debian Linux, Tcpdump 2023-12-10 7.5 HIGH 9.8 CRITICAL
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
CVE-2017-11035 1 Google 1 Android 2023-12-10 4.6 MEDIUM 7.8 HIGH
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and "csr_roam_issue_ft_preauth_req" due to incorrect initialization of WEXT callbacks and lack of the checks for buffer size.
CVE-2017-12898 1 Tcpdump 1 Tcpdump 2023-12-10 7.5 HIGH 9.8 CRITICAL
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
CVE-2017-9728 1 Uclibc 1 Uclibc 2023-12-10 7.5 HIGH 9.8 CRITICAL
In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex/regexec.c when processing a crafted regular expression.
CVE-2017-13720 1 X.org 1 Libxfont 2023-12-10 3.6 LOW 7.1 HIGH
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters.
CVE-2017-14503 1 Libarchive 1 Libarchive 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.
CVE-2017-10982 1 Freeradius 1 Freeradius 2023-12-10 5.0 MEDIUM 7.5 HIGH
An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service.
CVE-2017-11722 1 Graphicsmagick 1 Graphicsmagick 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition.