Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-7506

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-29 Oct, 2016 | 01:00
Updated At-06 Aug, 2024 | 01:57
Rejected At-
Credits

An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:29 Oct, 2016 | 01:00
Updated At:06 Aug, 2024 | 01:57
Rejected At:
▼CVE Numbering Authority (CNA)

An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://bugs.ghostscript.com/show_bug.cgi?id=697141
x_refsource_CONFIRM
http://www.securityfocus.com/bid/94241
vdb-entry
x_refsource_BID
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=697141
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/94241
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://bugs.ghostscript.com/show_bug.cgi?id=697141
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/94241
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=697141
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/94241
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:29 Oct, 2016 | 01:59
Updated At:12 Apr, 2025 | 10:46

An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Artifex Software Inc.
artifex
>>mujs>>Versions up to 8c805b4eb19cf2af689c860b77e6111d2ee439d5(inclusive)
cpe:2.3:a:artifex:mujs:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.ghostscript.com/show_bug.cgi?id=697141cve@mitre.org
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/94241cve@mitre.org
Third Party Advisory
VDB Entry
http://bugs.ghostscript.com/show_bug.cgi?id=697141af854a3a-2127-422b-91ae-364da2661108
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/94241af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=697141
Source: cve@mitre.org
Resource:
Exploit
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/94241
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=697141
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/94241
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

445Records found
CVE-2016-9109
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.84% / 73.70%
||
7 Day CHG~0.00%
Published-18 Jan, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. NOTE: this vulnerability exists due to an incomplete fix for CVE-2016-7563.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-7563
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.09%
||
7 Day CHG~0.00%
Published-18 Jan, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-5991
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-19.34% / 95.14%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 06:11
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.

Action-Not Available
Vendor-n/aArtifex Software Inc.Debian GNU/Linux
Product-debian_linuxmupdfn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-11412
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.76% / 81.84%
||
7 Day CHG~0.00%
Published-21 Apr, 2019 | 19:14
Updated-04 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.

Action-Not Available
Vendor-n/aFedora ProjectArtifex Software Inc.
Product-mujsfedoran/a
CWE ID-CWE-670
Always-Incorrect Control Flow Implementation
CVE-2016-9294
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.49% / 64.57%
||
7 Day CHG~0.00%
Published-12 Nov, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed labeled break/continue in JavaScript" approach, related to a "NULL pointer dereference" issue affecting the jscompile.c component.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9108
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.83% / 73.51%
||
7 Day CHG~0.00%
Published-03 Feb, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression.

Action-Not Available
Vendor-n/aArtifex Software Inc.Fedora Project
Product-fedoramujsn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2016-7564
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.76%
||
7 Day CHG~0.00%
Published-18 Jan, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-22885
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.42%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 14:44
Updated-04 Aug, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2016-10132
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.78%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation.

Action-Not Available
Vendor-n/aArtifex Software Inc.Fedora Project
Product-mujsfedoran/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-11413
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.09% / 77.00%
||
7 Day CHG~0.00%
Published-21 Apr, 2019 | 19:14
Updated-04 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2020-22886
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.56% / 67.40%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 14:44
Updated-04 Aug, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-8908
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 59.34%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 06:54
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-ghostscriptn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-5896
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 60.18%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mupdfn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-46955
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.07%
||
7 Day CHG~0.00%
Published-10 Nov, 2024 | 00:00
Updated-14 Nov, 2024 | 01:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

Action-Not Available
Vendor-n/aArtifex Software Inc.Debian GNU/LinuxSUSE
Product-linux_enterprise_serverdebian_linuxlinux_enterprise_high_performance_computingghostscriptlinux_enterprise_server_for_sapn/aghostscript
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14975
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.22% / 44.60%
||
7 Day CHG~0.00%
Published-14 Aug, 2019 | 12:46
Updated-05 Aug, 2024 | 00:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mupdfn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-38559
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 3.10%
||
7 Day CHG~0.00%
Published-01 Aug, 2023 | 16:49
Updated-03 Aug, 2025 | 10:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ghostscript: out-of-bound read in base/gdevdevn.c:1973 in devn_pcx_write_rle could result in dos

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Fedora ProjectArtifex Software Inc.
Product-ghostscriptdebian_linuxfedoraenterprise_linuxRed Hat Enterprise Linux 6Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-18662
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-12 Sep, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mupdfn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9611
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.43%
||
7 Day CHG~0.00%
Published-26 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

Action-Not Available
Vendor-n/aArtifex Software Inc.Debian GNU/Linux
Product-ghostscriptdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9739
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.43%
||
7 Day CHG~0.00%
Published-26 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

Action-Not Available
Vendor-n/aArtifex Software Inc.Debian GNU/Linux
Product-debian_linuxghostscript_ghostxpsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9610
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 62.00%
||
7 Day CHG~0.00%
Published-26 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-ghostscript_ghostxpsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9620
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.38% / 58.74%
||
7 Day CHG~0.00%
Published-26 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-ghostscript_ghostxpsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9726
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.43%
||
7 Day CHG~0.00%
Published-26 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

Action-Not Available
Vendor-n/aArtifex Software Inc.Debian GNU/Linux
Product-debian_linuxghostscript_ghostxpsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9727
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.43%
||
7 Day CHG~0.00%
Published-26 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

Action-Not Available
Vendor-n/aArtifex Software Inc.Debian GNU/Linux
Product-debian_linuxghostscript_ghostxpsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9740
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 62.00%
||
7 Day CHG~0.00%
Published-26 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-ghostscript_ghostxpsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-4042
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.85%
||
7 Day CHG~0.00%
Published-23 Aug, 2023 | 12:19
Updated-05 Aug, 2025 | 04:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ghostscript: incomplete fix for cve-2020-16305

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

Action-Not Available
Vendor-Red Hat, Inc.Artifex Software Inc.
Product-codeready_linux_builder_for_ibm_z_systemscodeready_linux_builder_for_power_little_endianghostscriptenterprise_linuxenterprise_linux_for_power_little_endianenterprise_linux_for_ibm_z_systemscodeready_linux_builder_for_arm64enterprise_linux_for_arm_64codeready_linux_builderRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-46956
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.21%
||
7 Day CHG~0.00%
Published-10 Nov, 2024 | 00:00
Updated-31 Jul, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

Action-Not Available
Vendor-n/aArtifex Software Inc.Debian GNU/LinuxSUSE
Product-linux_enterprise_serverdebian_linuxlinux_enterprise_high_performance_computingghostscriptlinux_enterprise_server_for_sapn/aghostscript
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-11714
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 55.64%
||
7 Day CHG~0.00%
Published-28 Jul, 2017 | 05:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c.

Action-Not Available
Vendor-n/aArtifex Software Inc.Debian GNU/Linux
Product-ghostscriptdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-9017
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.29% / 52.02%
||
7 Day CHG~0.00%
Published-28 Oct, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-9179
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 71.07%
||
7 Day CHG~0.00%
Published-23 May, 2017 | 03:56
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:425:14.

Action-Not Available
Vendor-autotrace_projectn/a
Product-autotracen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9174
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 71.07%
||
7 Day CHG~0.00%
Published-23 May, 2017 | 03:56
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:21:23.

Action-Not Available
Vendor-autotrace_projectn/a
Product-autotracen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9155
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 71.07%
||
7 Day CHG~0.00%
Published-23 May, 2017 | 03:56
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the input_pnm_reader function in input-pnm.c:243:3.

Action-Not Available
Vendor-autotrace_projectn/a
Product-autotracen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9154
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 71.07%
||
7 Day CHG~0.00%
Published-23 May, 2017 | 03:56
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:16:11.

Action-Not Available
Vendor-autotrace_projectn/a
Product-autotracen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9359
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.73%
||
7 Day CHG~0.00%
Published-02 Jun, 2017 | 05:04
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

Action-Not Available
Vendor-n/aDigium, Inc.
Product-open_sourcecertified_asteriskn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9050
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.76%
||
7 Day CHG~0.00%
Published-18 May, 2017 | 06:13
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.

Action-Not Available
Vendor-n/alibxml2 (XMLSoft)
Product-libxml2n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-6568
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.33%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 13:40
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf182ccp1604_firmwaresimatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_s7-400_pn\/dpsimatic_s7-400_pn_firmwaresimatic_et_200_sp_open_controller_cpu_1515sp_pc2simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmwaresimatic_teleservice_adapter_ie_standard_firmwaresimatic_s7-1500_firmwaresinamics_s150_firmwaresimatic_rf600rsimatic_winac_rtxsinamics_gm150sinamics_s210sinamics_gl150_firmwaresimatic_s7-400_pnsimatic_teleservice_adapter_ie_advanced_firmwaretim_1531_ircsimatic_cp343-1_advancedsinamics_gl150sitop_psu8600_firmwaresimatic_s7-300simatic_rf188csimatic_hmi_comfort_panelssimatic_teleservice_adapter_ie_advancedsitop_ups1600simatic_rf185c_firmwaresimatic_ipc_diagmonitorsitop_managersimatic_winac_rtx_firmwaresinamics_gh150simatic_s7-300_firmwaresimatic_hmi_ktp_mobile_panels_ktp700_firmwarecp1616simatic_rf600r_firmwaresimatic_cp443-1_advanced_firmwaresimatic_hmi_ktp_mobile_panels_ktp700fsimatic_cp343-1_advanced_firmwaresimatic_cp443-1_opc_uasimatic_s7-1500t_firmwaresinamics_sm120simatic_cp443-1_advancedsimatic_s7-1500f_firmwaresimocode_pro_v_eipsitop_ups1600_firmwaresinamics_s210_firmwarecp1616_firmwaresimatic_hmi_ktp_mobile_panels_ktp900sinamics_s150sinamics_sl150_firmwaresimatic_s7-1500ssimatic_cp443-1_firmwarecp1604simatic_s7-1500_software_controllersimocode_pro_v_pnsimatic_rf186c_firmwaresimatic_hmi_ktp_mobile_panels_ktp400fsimatic_rf188c_firmwaresimatic_hmi_comfort_outdoor_panels_firmwaresimatic_rf185csimatic_s7-1500simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresitop_psu8600simatic_s7-400_pn\/dp_firmwaresimatic_teleservice_adapter_ie_basictim_1531_irc_firmwaresimatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_s7-1500tsimatic_s7-1500s_firmwaresinamics_gm150_firmwaresinamics_sm150sinamics_g150sinamics_g130simatic_rf181-eip_firmwaresimatic_s7-1500fsinamics_gh150_firmwaresinamics_sl150simatic_rf182c_firmwaresinamics_sm150_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsimatic_cp443-1simatic_hmi_comfort_outdoor_panelssimatic_teleservice_adapter_ie_standardsimatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmwaresimatic_rf181-eipsimatic_hmi_ktp_mobile_panels_ktp700simatic_teleservice_adapter_ie_basic_firmwaresinamics_g150_firmwaresimatic_rf186csimatic_et_200_sp_open_controller_cpu_1515sp_pcsimocode_pro_v_eip_firmwaresinamics_s120sinamics_g130_firmwaresimocode_pro_v_pn_firmwaresimatic_hmi_comfort_panels_firmwaresinamics_s120_firmwaresimatic_s7-plcsim_advancedsimatic_wincc_runtime_advancedsinamics_sm120_firmwareSINAMICS S150 V4.6 Control UnitSIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)SINAMICS G130 V4.7 SP1 Control UnitSINAMICS G150 V4.7 Control UnitSINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)SIMATIC ET 200S IM151-8F PN/DP CPUSIMATIC CP 443-1 OPC UASITOP UPS1600 (incl. SIPLUS variants)SINAMICS G130 V4.6 Control UnitSIMATIC Teleservice Adapter IE StandardSINAMICS G150 V5.1 SP1 Control UnitSINAMICS S150 V4.7 SP1 Control UnitSIMATIC RF186CSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317F-2 PN/DPSINAMICS GH150 V4.7 (Control Unit)SIMATIC CP 443-1 AdvancedSINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)SIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317-2 PN/DPSIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC RF600R familySIMATIC CP 443-1SIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900FSINAMICS SL150 V4.8 (Control Unit)SINAMICS GM150 V4.8 (Control Unit)SIMATIC WinCC Runtime AdvancedSINAMICS G150 V4.7 SP1 Control UnitSIMATIC ET 200pro IM154-8F PN/DP CPUSIMATIC S7-300 CPU 317T-3 PN/DPSIMATIC CP 343-1 AdvancedSIMATIC RF185CSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SINAMICS SM120 V4.7 (Control Unit)SIMATIC S7-300 CPU 319-3 PN/DPSIMATIC Teleservice Adapter IE AdvancedSINAMICS SM150 V4.8 (Control Unit)SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)SINAMICS GH150 V4.8 (Control Unit)SIPLUS ET 200S IM151-8 PN/DP CPUSITOP PSU8600SINAMICS G150 V5.1 Control UnitSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SINAMICS G130 V4.7 Control UnitSINAMICS S150 V5.1 SP1 Control UnitSINAMICS SL150 V4.7 (Control Unit)SINAMICS G130 V4.8 Control UnitSIMATIC CP 1604SIMATIC S7-1500 Software ControllerSINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)SIPLUS ET 200S IM151-8F PN/DP CPUSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM154-8 PN/DP CPUSIMATIC RF182CSINAMICS S210SIPLUS S7-300 CPU 317F-2 PN/DPSIPLUS NET CP 443-1SIPLUS S7-300 CPU 314C-2 PN/DPSINAMICS G130 V5.1 SP1 Control UnitSIMATIC WinAC RTX 2010SIMATIC ET 200S IM151-8 PN/DP CPUSINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)SIMATIC CP 1616SINAMICS GM150 V4.7 (Control Unit)SINAMICS S150 V5.1 Control UnitSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS NET CP 343-1 AdvancedSINAMICS S150 V4.7 Control UnitSINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)SINAMICS GL150 V4.8 (Control Unit)SIMATIC Teleservice Adapter IE BasicSIPLUS NET CP 443-1 AdvancedSITOP ManagerSINAMICS G130 V5.1 Control UnitSINAMICS SM120 V4.8 (Control Unit)SIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-PLCSIM AdvancedSIMATIC S7-300 CPU 315-2 PN/DPSINAMICS GL150 V4.7 (Control Unit)SIMATIC S7-300 CPU 319F-3 PN/DPSIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants)TIM 1531 IRC (incl. SIPLUS NET variants)SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIMATIC WinAC RTX F 2010SINAMICS G150 V4.6 Control UnitSIMATIC RF188CSIMATIC RFID 181EIPSIMATIC ET 200pro IM154-8FX PN/DP CPUSIMATIC S7-300 CPU 315T-3 PN/DPSIMATIC IPC DiagMonitorSINAMICS S150 V4.8 Control UnitSINAMICS G150 V4.8 Control Unit
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-8393
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.38% / 58.63%
||
7 Day CHG~0.00%
Published-01 May, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy and strip, to crash.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-7304
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.40% / 60.19%
||
7 Day CHG~0.00%
Published-29 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-5294
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.45% / 62.87%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 16:12
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ar2200_firmwarear1200ar3200_firmwarear2200srg1300srg1300_firmwaresrg3300_firmwaresrg2300_firmwaresrg3300netengine16exar120-s_firmwarear1200-s_firmwarear200-sar120-sar150-sar160srg2300ar150_firmwarear2200-sar150-s_firmwarear1200-sar3600ar150ar3200ar1200_firmwarear200-s_firmwarear200ar3600_firmwarear160_firmwarear2200-s_firmwarear200_firmwarenetengine16ex_firmwareAR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,NetEngine16EX,SRG1300,SRG2300,SRG3300
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-7303
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.40% / 60.19%
||
7 Day CHG~0.00%
Published-29 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-7300
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.40% / 60.19%
||
7 Day CHG~0.00%
Published-29 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-7668
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-51.08% / 97.78%
||
7 Day CHG-2.05%
Published-20 Jun, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.The Apache Software FoundationOracle CorporationApple Inc.NetApp, Inc.
Product-oncommand_unified_managerenterprise_linux_desktopenterprise_linux_server_aussecure_global_desktopenterprise_linux_server_tusenterprise_linux_eusclustered_data_ontapenterprise_linux_workstationstoragegridenterprise_linux_serverdebian_linuxhttp_servermac_os_xApache HTTP Server
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2017-8294
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.57%
||
7 Day CHG~0.00%
Published-27 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.

Action-Not Available
Vendor-virustotaln/a
Product-yaran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-6800
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.54% / 66.55%
||
7 Day CHG~0.00%
Published-10 Mar, 2017 | 10:29
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.

Action-Not Available
Vendor-ytnef_projectn/aDebian GNU/Linux
Product-ytnefdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-6801
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.20%
||
7 Day CHG~0.00%
Published-10 Mar, 2017 | 10:29
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.

Action-Not Available
Vendor-ytnef_projectn/aDebian GNU/Linux
Product-ytnefdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-6658
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.53%
||
7 Day CHG~0.00%
Published-16 May, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-sourcefire_snortSnort 3.0 All versions prior to build 233.
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-5335
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-3.54% / 87.21%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.

Action-Not Available
Vendor-n/aopenSUSEGNU
Product-gnutlsleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-5847
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.09% / 86.26%
||
7 Day CHG~0.00%
Published-09 Feb, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.

Action-Not Available
Vendor-gstreamer_projectn/aDebian GNU/Linux
Product-debian_linuxgstreamern/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-5848
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.48% / 89.83%
||
7 Day CHG~0.00%
Published-09 Feb, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.

Action-Not Available
Vendor-gstreamer_projectn/aRed Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_eusenterprise_linux_workstationdebian_linuxenterprise_linux_serverenterprise_linux_server_ausgstreamern/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-3823
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.90% / 82.45%
||
7 Day CHG~0.00%
Published-06 Feb, 2019 | 20:00
Updated-04 Aug, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.

Action-Not Available
Vendor-NetApp, Inc.Debian GNU/LinuxOracle CorporationCanonical Ltd.CURL
Product-libcurlclustered_data_ontapcommunications_operations_monitordebian_linuxubuntu_linuxhttp_serversecure_global_desktopcurl
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-5845
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.48% / 84.67%
||
7 Day CHG~0.00%
Published-09 Feb, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag.

Action-Not Available
Vendor-gstreamer_projectn/a
Product-gstreamern/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 8
  • 9
  • Next
Details not found