Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-17595

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-14 Oct, 2019 | 20:42
Updated At-05 Aug, 2024 | 01:47
Rejected At-
Credits

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:14 Oct, 2019 | 20:42
Updated At:05 Aug, 2024 | 01:47
Rejected At:
▼CVE Numbering Authority (CNA)

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
x_refsource_MISC
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
vendor-advisory
x_refsource_SUSE
https://security.gentoo.org/glsa/202101-28
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
Resource:
x_refsource_MISC
Hyperlink: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
Resource:
x_refsource_MISC
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://security.gentoo.org/glsa/202101-28
Resource:
vendor-advisory
x_refsource_GENTOO
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
x_refsource_MISC
x_transferred
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
x_refsource_MISC
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://security.gentoo.org/glsa/202101-28
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://security.gentoo.org/glsa/202101-28
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:14 Oct, 2019 | 21:15
Updated At:08 Feb, 2021 | 20:52

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
Primary2.05.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:P
Type: Primary
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
Type: Primary
Version: 2.0
Base score: 5.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:P
CPE Matches
GNU
gnu
>>ncurses>>Versions before 6.2(exclusive)
cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*
openSUSE
opensuse
>>leap>>15.0
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
openSUSE
opensuse
>>leap>>15.1
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.htmlcve@mitre.org
Third Party Advisory
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.htmlcve@mitre.org
Exploit
Mailing List
Vendor Advisory
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.htmlcve@mitre.org
Mailing List
Patch
Vendor Advisory
https://security.gentoo.org/glsa/202101-28cve@mitre.org
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
Source: cve@mitre.org
Resource:
Exploit
Mailing List
Vendor Advisory
Hyperlink: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
Source: cve@mitre.org
Resource:
Mailing List
Patch
Vendor Advisory
Hyperlink: https://security.gentoo.org/glsa/202101-28
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

495Records found
CVE-2022-29458
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.35%
||
7 Day CHG~0.00%
Published-18 Apr, 2022 | 00:00
Updated-09 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Action-Not Available
Vendor-n/aApple Inc.GNUDebian GNU/Linux
Product-ncursesdebian_linuxmacosn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10165
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.56% / 68.65%
||
7 Day CHG~0.00%
Published-03 Feb, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

Action-Not Available
Vendor-littlecmsn/aCanonical Ltd.openSUSERed Hat, Inc.Debian GNU/LinuxNetApp, Inc.
Product-debian_linuxubuntu_linuxenterprise_linux_server_tusoncommand_performance_managerenterprise_linux_desktopenterprise_linux_server_eusoncommand_balanceenterprise_linux_server_ausoncommand_unified_manageroncommand_insightactive_iq_unified_managersatelliteenterprise_linux_serverenterprise_linux_workstationoncommand_shiftlittle_cms_color_enginee-series_santricity_managementleape-series_santricity_os_controllern/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-7064
Matching Score-10
Assigner-PHP Group
ShareView Details
Matching Score-10
Assigner-PHP Group
CVSS Score-6.5||MEDIUM
EPSS-2.33% / 85.23%
||
7 Day CHG~0.00%
Published-01 Apr, 2020 | 03:35
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-of-uninitialized-value in exif

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.

Action-Not Available
Vendor-The PHP GroupDebian GNU/LinuxTenable, Inc.Canonical Ltd.openSUSE
Product-ubuntu_linuxphpdebian_linuxtenable.scleapPHP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-6612
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.60% / 70.19%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 20:43
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.

Action-Not Available
Vendor-n/aGNUopenSUSE
Product-libredwgbackports_sleleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-6613
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.60% / 70.19%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 20:43
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.

Action-Not Available
Vendor-n/aGNUopenSUSE
Product-libredwgbackports_sleleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-6614
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.60% / 70.19%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 20:43
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.

Action-Not Available
Vendor-n/aGNUopenSUSE
Product-libredwgbackports_sleleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11098
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-3.5||LOW
EPSS-0.23% / 45.74%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 00:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bound read in glyph_cache_put in FreeRDP

In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.

Action-Not Available
Vendor-Canonical Ltd.FreeRDPopenSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfreerdpfedoraleapFreeRDP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-7578
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-3.68% / 88.23%
||
7 Day CHG~0.00%
Published-07 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.

Action-Not Available
Vendor-libsdln/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedorasimple_directmedia_layerleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-7635
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-2.15% / 84.68%
||
7 Day CHG~0.00%
Published-08 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.

Action-Not Available
Vendor-libsdln/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedorabackports_slesimple_directmedia_layerleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-7636
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-3.68% / 88.23%
||
7 Day CHG~0.00%
Published-08 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.

Action-Not Available
Vendor-libsdln/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedorasimple_directmedia_layerleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-20910
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.40% / 61.04%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:46
Updated-05 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-20915
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.40% / 61.04%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:46
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-13616
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-7.19% / 91.81%
||
7 Day CHG-1.75%
Published-16 Jul, 2019 | 00:00
Updated-04 Aug, 2024 | 23:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.

Action-Not Available
Vendor-libsdln/aDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.openSUSEFedora Project
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_ausenterprise_linux_workstationfedoraenterprise_linuxenterprise_linux_eusbackports_sleenterprise_linux_server_tusenterprise_linux_desktopsimple_directmedia_layerleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-11007
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-1.34% / 80.53%
||
7 Day CHG-0.76%
Published-08 Apr, 2019 | 18:18
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.GraphicsMagickopenSUSE
Product-ubuntu_linuxdebian_linuxgraphicsmagickbackports_sleleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-11041
Matching Score-10
Assigner-PHP Group
ShareView Details
Matching Score-10
Assigner-PHP Group
CVSS Score-4.8||MEDIUM
EPSS-3.21% / 87.36%
||
7 Day CHG~0.00%
Published-09 Aug, 2019 | 19:26
Updated-16 Sep, 2024 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
heap-buffer-overflow on exif_scan_thumbnail in EXIF extension

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.The PHP GroupTenable, Inc.Canonical Ltd.openSUSEApple Inc.
Product-ubuntu_linuxphpdebian_linuxsoftware_collectionsmac_os_xtenable.scleapPHP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-11042
Matching Score-10
Assigner-PHP Group
ShareView Details
Matching Score-10
Assigner-PHP Group
CVSS Score-4.8||MEDIUM
EPSS-3.81% / 88.41%
||
7 Day CHG~0.00%
Published-09 Aug, 2019 | 19:26
Updated-17 Sep, 2024 | 02:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
heap-buffer-overflow on exif_process_user_comment in EXIF extension

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.The PHP GroupTenable, Inc.Canonical Ltd.openSUSEApple Inc.
Product-ubuntu_linuxphpdebian_linuxsoftware_collectionsmac_os_xtenable.scleapPHP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-11009
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-1.33% / 80.41%
||
7 Day CHG~0.00%
Published-08 Apr, 2019 | 18:18
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagickopenSUSE
Product-debian_linuxgraphicsmagickleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-4166
Matching Score-10
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-10
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.1||HIGH
EPSS-0.37% / 59.26%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 18:15
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in vim/vim

vim is vulnerable to Out-of-bounds Read

Action-Not Available
Vendor-openSUSERed Hat, Inc.SUSEVimFedora ProjectDebian GNU/LinuxApple Inc.
Product-debian_linuxfactoryvimlinux_enterpriseenterprise_linuxfedoramac_os_xmacosvim/vim
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-20913
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.40% / 61.04%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:46
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20547
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-1.00% / 77.50%
||
7 Day CHG~0.00%
Published-28 Dec, 2018 | 03:00
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data.

Action-Not Available
Vendor-libcaca_projectn/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedoralibcacaleapn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-20546
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-2.27% / 85.07%
||
7 Day CHG~0.00%
Published-28 Dec, 2018 | 03:00
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case.

Action-Not Available
Vendor-libcaca_projectn/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedoralibcacaleapn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-16845
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-3.92% / 88.61%
||
7 Day CHG~0.00%
Published-07 Nov, 2018 | 14:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.

Action-Not Available
Vendor-[UNKNOWN]Debian GNU/LinuxF5, Inc.Canonical Ltd.openSUSEApple Inc.
Product-ubuntu_linuxdebian_linuxxcodenginxleapnginx
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2016-1651
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.1||HIGH
EPSS-1.62% / 82.30%
||
7 Day CHG~0.00%
Published-18 Apr, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 50.0.2661.75, does not properly implement the sycc420_to_rgb and sycc422_to_rgb functions, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted JPEG 2000 data in a PDF document.

Action-Not Available
Vendor-n/aopenSUSEGoogle LLCSUSEDebian GNU/Linux
Product-chromedebian_linuxlinux_enterpriseleapn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-35494
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.37% / 59.42%
||
7 Day CHG~0.00%
Published-04 Jan, 2021 | 14:23
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.

Action-Not Available
Vendor-n/aFedora ProjectNetApp, Inc.GNUBroadcom Inc.
Product-brocade_fabric_operating_system_firmwarecloud_backupontap_select_deploy_administration_utilitysolidfire_\&_hci_management_nodefedorasolidfire\,_enterprise_sds_\&_hci_storage_nodehci_compute_node_firmwarehci_compute_nodebinutilsbinutils
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2019-17498
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-1.42% / 81.07%
||
7 Day CHG~0.00%
Published-21 Oct, 2019 | 00:00
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

Action-Not Available
Vendor-libssh2n/aNetApp, Inc.Debian GNU/LinuxFedora ProjectopenSUSE
Product-bootstrap_osdebian_linuxontap_select_deploy_administration_utilityhci_management_nodefedoraactive_iq_unified_managerlibssh2hci_compute_nodeelement_softwaresolidfireleapn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2014-9672
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.8||MEDIUM
EPSS-3.15% / 87.23%
||
7 Day CHG~0.00%
Published-08 Feb, 2015 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.

Action-Not Available
Vendor-freetypen/aCanonical Ltd.openSUSEOracle CorporationDebian GNU/Linux
Product-debian_linuxubuntu_linuxsolarisfreetypeopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-0772
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.8||MEDIUM
EPSS-1.29% / 80.12%
||
7 Day CHG~0.00%
Published-19 Feb, 2013 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSERed Hat, Inc.Mozilla Corporation
Product-enterprise_linux_ausfirefoxubuntu_linuxseamonkeyenterprise_linux_serverenterprise_linux_workstationenterprise_linux_desktopenterprise_linux_eusopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-5459
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-7.1||HIGH
EPSS-1.19% / 79.27%
||
7 Day CHG~0.00%
Published-30 Jul, 2019 | 20:24
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.

Action-Not Available
Vendor-n/aVideoLANopenSUSE
Product-vlc_media_playerbackportsbackports_sleleapVLC
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2019-1000019
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.80% / 83.26%
||
7 Day CHG~0.00%
Published-04 Feb, 2019 | 21:00
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Debian GNU/LinuxlibarchiveopenSUSERed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlibarchiveenterprise_linux_workstationfedoraenterprise_linux_desktopleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-7969
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.95% / 83.90%
||
7 Day CHG-2.03%
Published-03 Mar, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."

Action-Not Available
Vendor-libass_projectn/aFedora ProjectopenSUSE
Product-leaplibassopensusefedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-7449
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.93% / 88.64%
||
7 Day CHG~0.00%
Published-06 Feb, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.

Action-Not Available
Vendor-n/aopenSUSEDebian GNU/LinuxGraphicsMagick
Product-leapdebian_linuxgraphicsmagickopensusen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-11035
Matching Score-6
Assigner-PHP Group
ShareView Details
Matching Score-6
Assigner-PHP Group
CVSS Score-4.8||MEDIUM
EPSS-2.97% / 86.85%
||
7 Day CHG~0.00%
Published-18 Apr, 2019 | 16:57
Updated-17 Sep, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap over-read in PHP EXIF extension

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.

Action-Not Available
Vendor-Red Hat, Inc.openSUSENetApp, Inc.Canonical Ltd.Debian GNU/LinuxThe PHP Group
Product-ubuntu_linuxphpdebian_linuxsoftware_collectionsstorage_automation_storeleapPHP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6262
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.31% / 85.18%
||
7 Day CHG~0.00%
Published-07 Sep, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEGNU
Product-leaplibidnubuntu_linuxopensusen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-48188
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.9||LOW
EPSS-0.07% / 21.03%
||
7 Day CHG~0.00%
Published-16 May, 2025 | 00:00
Updated-17 Jul, 2025 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fill_buffer (in data/encrypted-file.c) to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read.

Action-Not Available
Vendor-GNU
Product-psppPSPP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-47816
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.9||LOW
EPSS-0.23% / 46.05%
||
7 Day CHG~0.00%
Published-10 May, 2025 | 00:00
Updated-16 Jun, 2025 | 18:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxml_parse_attributes out-of-bounds read, related to extra content at the end of a document.

Action-Not Available
Vendor-GNU
Product-psppPSPP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6263
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.96% / 86.82%
||
7 Day CHG~0.00%
Published-07 Sep, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.

Action-Not Available
Vendor-n/aGNU
Product-libidnn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6161
Matching Score-6
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-6
Assigner-Debian GNU/Linux
CVSS Score-6.5||MEDIUM
EPSS-0.65% / 71.35%
||
7 Day CHG~0.00%
Published-12 Aug, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.

Action-Not Available
Vendor-libgdn/aDebian GNU/LinuxopenSUSE
Product-leaplibgddebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6261
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.66% / 86.15%
||
7 Day CHG~0.00%
Published-07 Sep, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEGNU
Product-leapubuntu_linuxlibidnn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6132
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.12% / 84.58%
||
7 Day CHG~0.00%
Published-12 Aug, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

Action-Not Available
Vendor-libgdn/aDebian GNU/LinuxopenSUSE
Product-leaplibgddebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6905
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.41% / 80.96%
||
7 Day CHG~0.00%
Published-03 Oct, 2016 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.

Action-Not Available
Vendor-libgdn/aopenSUSE
Product-leaplibgdopensusen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-5316
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.68% / 72.22%
||
7 Day CHG~0.00%
Published-20 Jan, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.

Action-Not Available
Vendor-n/aLibTIFFopenSUSE
Product-leaplibtiffopensusen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-4693
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.01% / 1.23%
||
7 Day CHG~0.00%
Published-25 Oct, 2023 | 10:27
Updated-07 Nov, 2025 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Grub2: out-of-bounds read at fs/ntfs.c

An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.

Action-Not Available
Vendor-GNURed Hat, Inc.
Product-grub2enterprise_linuxRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11522
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.04% / 77.93%
||
7 Day CHG~0.00%
Published-15 May, 2020 | 16:10
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEFreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20712
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 49.17%
||
7 Day CHG~0.00%
Published-15 Jan, 2019 | 00:00
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20430
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.57% / 69.17%
||
7 Day CHG~0.00%
Published-24 Dec, 2018 | 05:00
Updated-05 Aug, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGNU
Product-libextractordebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20615
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.60%
||
7 Day CHG~0.00%
Published-18 Mar, 2019 | 16:11
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.

Action-Not Available
Vendor-haproxyn/aCanonical Ltd.Red Hat, Inc.openSUSE
Product-ubuntu_linuxopenshift_container_platformenterprise_linuxhaproxyleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-18849
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.48%
||
7 Day CHG~0.00%
Published-17 Mar, 2019 | 19:56
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.

Action-Not Available
Vendor-n/aopenSUSEQEMUCanonical Ltd.Fedora Project
Product-ubuntu_linuxqemufedoraleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20783
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.10% / 90.07%
||
7 Day CHG~0.00%
Published-21 Feb, 2019 | 19:00
Updated-05 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.

Action-Not Available
Vendor-n/aThe PHP GroupopenSUSE
Product-phpleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-19841
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.57% / 69.29%
||
7 Day CHG~0.00%
Published-04 Dec, 2018 | 09:00
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.

Action-Not Available
Vendor-wavpackn/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedorawavpackleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16227
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.50% / 87.93%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:44
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.Fedora Projecttcpdump & libpcapopenSUSERed Hat, Inc.
Product-debian_linuxfedoraenterprise_linuxmac_os_xleaptcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 9
  • 10
  • Next
Details not found