CWE-125— Out-of-bounds Read
7,742 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-125page 13 of 155
- CVE-2018-16982MEDIUMCVSS 5.5EG 5.52018-09-13
Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset values via a crafted .ocd file.
- CVE-2018-16985HIGHCVSS 7.5EG 7.52018-09-13
In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a segmentation fault and application crash…
- CVE-2018-17072CRITICALCVSS 9.8EG 9.82018-09-16
JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.
- CVE-2018-17206MEDIUMCVSS 4.9EG 4.92018-09-19
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.
- CVE-2018-17235MEDIUMCVSS 6.5EG 6.52018-09-20
The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.
- CVE-2018-17292MEDIUMCVSS 6.5EG 6.52018-09-21
An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused …
- CVE-2018-17294MEDIUMCVSS 6.5EG 6.52018-09-21
The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input …
- CVE-2018-17360MEDIUMCVSS 5.5EG 5.52018-09-23
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafte…
- CVE-2018-17427MEDIUMCVSS 6.5EG 6.52018-10-01
SIMDComp before 0.1.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes.
- CVE-2018-17435MEDIUMCVSS 6.5EG 6.52018-09-24
A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.
- CVE-2018-17461HIGHCVSS 8.8EG 8.82019-01-09
An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
- CVE-2018-17466HIGHCVSS 8.8EG 8.82018-11-14
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- CVE-2018-17469HIGHCVSS 8.8EG 8.82018-11-14
Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
- CVE-2018-17580HIGHCVSS 7.1EG 7.12018-09-28
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to pr…
- CVE-2018-17582HIGHCVSS 7.1EG 7.12018-09-28
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)…
- CVE-2018-17622MEDIUMCVSS 6.5EG 6.52018-10-29
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page …
- CVE-2018-17671HIGHCVSS 8.8EG 8.82019-01-24
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page …
- CVE-2018-17686MEDIUMCVSS 6.5EG 6.52019-01-24
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page …
- CVE-2018-17693HIGHCVSS 8.8EG 8.82019-01-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or o…
- CVE-2018-17699MEDIUMCVSS 6.5EG 6.52019-01-24
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page …
- CVE-2018-17700HIGHCVSS 8.8EG 8.82019-01-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or o…
- CVE-2018-17701HIGHCVSS 8.8EG 8.82019-01-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or o…
- CVE-2018-17854MEDIUMCVSS 6.5EG 6.52018-10-01
SIMDComp before 0.1.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes. NOTE: this issue exists because of an incomplete fix for CVE…
- CVE-2018-17895CRITICALCVSS 9.8EG 9.82018-10-17
LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow remote code execution.
- CVE-2018-17974MEDIUMCVSS 5.5EG 5.52018-10-03
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (p…
- CVE-2018-17983CRITICALCVSS 9.1EG 9.12018-10-04
cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.
- CVE-2018-18023MEDIUMCVSS 6.5EG 6.52018-10-07
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.
- CVE-2018-18025MEDIUMCVSS 6.5EG 6.52018-10-07
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.
- CVE-2018-18059MEDIUMCVSS 5.3EG 5.32019-05-24
An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an all…
- CVE-2018-18060MEDIUMCVSS 5.3EG 5.32019-05-24
An issue was discovered in Bitdefender Engines before 7.76808. A vulnerability has been discovered in the dalvik.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an …
- CVE-2018-18089MEDIUMCVSS 5.5EG 5.52019-03-14
Multiple out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20…
- CVE-2018-18090MEDIUMCVSS 5.5EG 5.52019-03-14
Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373…
- CVE-2018-18194HIGHCVSS 8.8EG 8.82018-10-09
An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample() in DLS.cpp.
- CVE-2018-18196HIGHCVSS 8.8EG 8.82018-10-09
An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in RIFF::List::GetListTypeString in RIFF.cpp.
- CVE-2018-18224HIGHCVSS 8.1EG 8.12018-10-19
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. …
- CVE-2018-18313CRITICALCVSS 9.1EG 9.12018-12-07
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
- CVE-2018-18359HIGHCVSS 8.8EG 8.82018-12-11
Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- CVE-2018-18398MEDIUMCVSS 4.7EG 4.72018-10-19
Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who create…
- CVE-2018-18407MEDIUMCVSS 5.5EG 5.52018-10-17
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a de…
- CVE-2018-18409MEDIUMCVSS 5.5EG 5.52018-10-17
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.
- CVE-2018-18445HIGHCVSS 7.8EG 7.82018-10-17
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c misha…
- CVE-2018-18454MEDIUMCVSS 5.5EG 5.52018-10-18
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
- CVE-2018-18455MEDIUMCVSS 5.5EG 5.52018-10-18
The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
- CVE-2018-18456MEDIUMCVSS 5.5EG 5.52018-10-18
The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
- CVE-2018-18480MEDIUMCVSS 6.5EG 6.52018-10-18
A heap-based buffer over-read exists in libopencad 0.2.0 in the ReadMCHAR function in lib/dwg/io.cpp, resulting in an application crash.
- CVE-2018-18481MEDIUMCVSS 6.5EG 6.52018-10-18
A heap-based buffer over-read exists in libopencad 0.2.0 in the ReadCHAR function in lib/dwg/io.cpp, resulting in an application crash.
- CVE-2018-18504CRITICALCVSS 9.8EG 9.82019-02-05
A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the…
- CVE-2018-18581HIGHCVSS 8.8EG 8.82018-10-22
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer over-read in internalPrintf in miniz/lupng.c.
- CVE-2018-18605MEDIUMCVSS 5.5EG 5.52018-10-23
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles se…
- CVE-2018-18662MEDIUMCVSS 5.5EG 5.52018-10-26
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
Map vulnerabilities like CWE-125 to your infrastructure
EchelonGraph correlates every CVE — across CWE-125 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →