CWE-125— Out-of-bounds Read
7,742 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-125page 4 of 155
- CVE-2017-16912MEDIUMCVSS 5.9EG 5.92018-01-31
The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.
- CVE-2017-17137MEDIUMCVSS 5.5EG 5.52018-03-05
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200…
- CVE-2017-17165HIGHCVSS 7.5EG 7.52018-02-15
IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, S2300 V200R003C00, V200R003C00SPC300T, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S2700 V200R0…
- CVE-2017-17182MEDIUMCVSS 4.3EG 4.32018-02-15
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a out-of-bounds read vulner…
- CVE-2017-17185MEDIUMCVSS 4.3EG 4.32018-02-15
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a out-of-bounds read vulner…
- CVE-2017-17199MEDIUMCVSS 5.9EG 5.92018-03-09
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulne…
- CVE-2017-17200MEDIUMCVSS 5.9EG 5.92018-03-09
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulne…
- CVE-2017-17202HIGHCVSS 7.5EG 7.52018-02-15
Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, …
- CVE-2017-17216MEDIUMCVSS 5.9EG 5.92018-03-09
Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C0…
- CVE-2017-17218MEDIUMCVSS 5.3EG 5.32018-03-09
SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bo…
- CVE-2017-17220MEDIUMCVSS 5.3EG 5.32018-03-09
SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid m…
- CVE-2017-17227HIGHCVSS 7.8EG 7.82018-03-09
GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access v…
- CVE-2017-17252MEDIUMCVSS 5.3EG 5.32018-04-24
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R00…
- CVE-2017-17253HIGHCVSS 7.5EG 7.52018-04-24
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R00…
- CVE-2017-17281MEDIUMCVSS 4.3EG 4.32018-03-09
SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vuln…
- CVE-2017-17283MEDIUMCVSS 5.3EG 5.32018-02-15
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00 have an out-of-boun…
- CVE-2017-17306MEDIUMCVSS 5.5EG 5.52018-03-20
Some Huawei Smartphones with software of VNS-L21AUTC555B141, VNS-L21C10B160, VNS-L21C66B160, VNS-L21C703B140 have an array out-of-bounds read vulnerability. Due to the lack verification of array, an attacker tricks a user into installing a…
- CVE-2017-17307MEDIUMCVSS 5.5EG 5.52018-03-20
Some Huawei Smartphones with software of VNS-L21AUTC555B141 have an out-of-bounds read vulnerability. Due to the lack string terminator of string, an attacker tricks a user into installing a malicious application, and the application can e…
- CVE-2017-17316MEDIUMCVSS 5.3EG 5.32018-07-02
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulne…
- CVE-2017-17723HIGHCVSS 8.1EG 8.12018-02-12
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file.
- CVE-2017-17724MEDIUMCVSS 6.5EG 6.52018-02-12
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TI…
- CVE-2017-17772CRITICALCVSS 9.8EG 9.82024-11-26
In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.
- CVE-2017-18009HIGHCVSS 7.5EG 7.52018-01-01
In OpenCV 3.3.1, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp.
- CVE-2017-18030MEDIUMCVSS 4.4EG 4.42018-01-23
The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
- CVE-2017-18050HIGHCVSS 7.8EG 7.82018-03-16
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev_map in wma_tbttoffset_update_event_handler(), which is received from firmware, leads to pote…
- CVE-2017-18051HIGHCVSS 7.5EG 7.52018-03-16
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for event->vdev_id in wma_rcpi_event_handler(), which is received from firmware, leads to potential o…
- CVE-2017-18052HIGHCVSS 7.5EG 7.52018-03-16
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for cmpl_params->num_reports, param_buf->desc_ids and param_buf->status in wma_mgmt_tx_bundle_complet…
- CVE-2017-18053HIGHCVSS 7.5EG 7.52018-03-16
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for fix_param->vdev_id in wma_p2p_lo_event_handler(), which is received from firmware, leads to poten…
- CVE-2017-18056HIGHCVSS 7.8EG 7.82018-03-15
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev_id in wma_unified_bcntx_status_event_handler() which is received from firmware leads to pote…
- CVE-2017-18057HIGHCVSS 7.5EG 7.52018-03-16
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_nlo_scan_cmp_evt_handler(), which is received from firmware, leads to potential ou…
- CVE-2017-18058HIGHCVSS 7.5EG 7.52018-03-16
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wow_buf_pkt_len in wma_wow_wakeup_host_event() which is received from firmware leads to potential…
- CVE-2017-18059HIGHCVSS 7.5EG 7.52018-03-16
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_scan_event_callback(), which is received from firmware, leads to potential out of …
- CVE-2017-18060HIGHCVSS 7.5EG 7.52018-03-16
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for resp_event->vdev_id in wma_unified_bcntx_status_event_handler(), which is received from firmware,…
- CVE-2017-18069HIGHCVSS 7.5EG 7.52018-03-15
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper message length calculation in oem_cmd_handler() while processing a WLAN_NL_MSG_OEM netlink message leads to buffer ove…
- CVE-2017-18130CRITICALCVSS 9.8EG 9.82018-04-11
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, …
- CVE-2017-18159HIGHCVSS 7.8EG 7.82018-07-06
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array ou…
- CVE-2017-18184MEDIUMCVSS 5.5EG 5.52018-02-13
An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc.
- CVE-2017-18185MEDIUMCVSS 5.5EG 5.52018-02-13
An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter.
- CVE-2017-18198HIGHCVSS 8.8EG 8.82018-02-24
print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.
- CVE-2017-18212CRITICALCVSS 9.8EG 9.82018-03-01
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[\x0"); payload.
- CVE-2017-18242MEDIUMCVSS 6.5EG 6.52018-03-22
The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.
- CVE-2017-18244MEDIUMCVSS 6.5EG 6.52018-03-22
The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply.
- CVE-2017-18245MEDIUMCVSS 6.5EG 6.52018-03-23
The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file.
- CVE-2017-18246MEDIUMCVSS 6.5EG 6.52018-03-23
The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file.
- CVE-2017-18281MEDIUMCVSS 5.5EG 5.52018-10-29
A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel
- CVE-2017-18294HIGHCVSS 7.8EG 7.82018-10-23
While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MD…
- CVE-2017-18304HIGHCVSS 7.8EG 7.82018-10-23
Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, M…
- CVE-2017-18315HIGHCVSS 7.8EG 7.82018-11-28
Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600.
- CVE-2017-18344MEDIUMCVSS 5.5EG 5.52018-07-26
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when…
- CVE-2017-18446MEDIUMCVSS 6.3EG 6.32019-08-02
cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250).
Map vulnerabilities like CWE-125 to your infrastructure
EchelonGraph correlates every CVE — across CWE-125 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →