Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-11043

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-29 May, 2020 | 00:00
Updated At-04 Aug, 2024 | 11:21
Rejected At-
Credits

Out-of-bounds Read in FreeRDP

In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:29 May, 2020 | 00:00
Updated At:04 Aug, 2024 | 11:21
Rejected At:
▼CVE Numbering Authority (CNA)
Out-of-bounds Read in FreeRDP

In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.

Affected Products
Vendor
FreeRDPFreeRDP
Product
FreeRDP
Versions
Affected
  • <= 2.0.0
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.12.2LOW
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
Version: 3.1
Base score: 2.2
Base severity: LOW
Vector:
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84
N/A
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
vendor-advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
mailing-list
Hyperlink: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
Resource:
vendor-advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
Resource:
mailing-list
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
vendor-advisory
x_transferred
https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
mailing-list
x_transferred
Hyperlink: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84
Resource:
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
Resource:
vendor-advisory
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
Resource:
mailing-list
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:29 May, 2020 | 20:15
Updated At:24 Oct, 2023 | 15:30

In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.12.7LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Secondary3.12.2LOW
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 2.7
Base severity: LOW
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Type: Secondary
Version: 3.1
Base score: 2.2
Base severity: LOW
Vector:
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches

FreeRDP
freerdp
>>freerdp>>Versions before 2.1.0(exclusive)
cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*
openSUSE
opensuse
>>leap>>15.1
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarysecurity-advisories@github.com
CWE-125Secondarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: security-advisories@github.com
CWE ID: CWE-125
Type: Secondary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.htmlsecurity-advisories@github.com
Third Party Advisory
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84security-advisories@github.com
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00008.htmlsecurity-advisories@github.com
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
Source: security-advisories@github.com
Resource:
Third Party Advisory
Hyperlink: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84
Source: security-advisories@github.com
Resource:
Patch
Third Party Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
Source: security-advisories@github.com
Resource:
Mailing List
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

2109Records found

CVE-2016-7449
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.49% / 87.84%
||
7 Day CHG~0.00%
Published-06 Feb, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.

Action-Not Available
Vendor-n/aopenSUSEDebian GNU/LinuxGraphicsMagick
Product-leapdebian_linuxgraphicsmagickopensusen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-8689
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.28% / 87.06%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.

Action-Not Available
Vendor-n/alibarchiveopenSUSE
Product-leaplibarchiven/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-14148
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.64% / 83.89%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 16:52
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.

Action-Not Available
Vendor-bartonn/aDebian GNU/LinuxFedora Project
Product-ngircddebian_linuxfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-12673
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.19% / 92.70%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 15:18
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.

Action-Not Available
Vendor-n/aCanonical Ltd.Fedora ProjectDebian GNU/LinuxDovecot
Product-ubuntu_linuxdebian_linuxfedoradovecotn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-12674
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.19% / 92.70%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 15:20
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.

Action-Not Available
Vendor-n/aCanonical Ltd.Fedora ProjectDebian GNU/LinuxDovecot
Product-ubuntu_linuxdebian_linuxfedoradovecotn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11526
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-2.2||LOW
EPSS-2.00% / 78.55%
||
7 Day CHG~0.00%
Published-15 May, 2020 | 16:18
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEFreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11525
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-2.2||LOW
EPSS-1.68% / 74.36%
||
7 Day CHG~0.00%
Published-15 May, 2020 | 16:16
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEFreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11048
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-2.2||LOW
EPSS-1.85% / 76.74%
||
7 Day CHG~0.00%
Published-07 May, 2020 | 00:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in FreeRDPrdp_read_flow_control_pdu

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0.

Action-Not Available
Vendor-Canonical Ltd.FreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxFreeRDP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11040
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-2.2||LOW
EPSS-1.61% / 73.20%
||
7 Day CHG~0.00%
Published-29 May, 2020 | 00:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in FreeRDP

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.

Action-Not Available
Vendor-openSUSEFreeRDPDebian GNU/Linux
Product-freerdpdebian_linuxleapFreeRDP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11085
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-2.6||LOW
EPSS-1.71% / 74.75%
||
7 Day CHG~0.00%
Published-29 May, 2020 | 00:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in FreeRDP

In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.

Action-Not Available
Vendor-openSUSEFreeRDPDebian GNU/Linux
Product-freerdpdebian_linuxleapFreeRDP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11046
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-1.32% / 67.75%
||
7 Day CHG~0.00%
Published-07 May, 2020 | 00:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in FreeRDP

In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.

Action-Not Available
Vendor-Canonical Ltd.FreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxFreeRDP
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-8682
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.55% / 88.01%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.

Action-Not Available
Vendor-n/aopenSUSEDebian GNU/LinuxGraphicsMagick
Product-debian_linuxgraphicsmagickopensusen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11058
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-2.2||LOW
EPSS-1.61% / 73.26%
||
7 Day CHG~0.00%
Published-12 May, 2020 | 00:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in FreeRDP

In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0.

Action-Not Available
Vendor-Canonical Ltd.FreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxFreeRDP
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6261
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.91% / 89.13%
||
7 Day CHG~0.00%
Published-07 Sep, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEGNU
Product-leapubuntu_linuxlibidnn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-19246
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.05% / 86.07%
||
7 Day CHG+0.11%
Published-25 Nov, 2019 | 16:16
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.

Action-Not Available
Vendor-oniguruma_projectn/aCanonical Ltd.Fedora ProjectThe PHP GroupDebian GNU/Linux
Product-ubuntu_linuxphponigurumadebian_linuxfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-20387
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.34% / 81.70%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 22:54
Updated-05 Aug, 2024 | 02:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.

Action-Not Available
Vendor-n/aDebian GNU/LinuxopenSUSE
Product-libsolvdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-19204
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.89% / 93.34%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 20:06
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.

Action-Not Available
Vendor-oniguruma_projectn/aDebian GNU/LinuxFedora Project
Product-onigurumadebian_linuxfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2011-0984
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.87% / 77.02%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-7483
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.14% / 79.95%
||
7 Day CHG~0.00%
Published-02 May, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to an out of bounds read.

Action-Not Available
Vendor-rxvt_projectThe RXVT ProjectDebian GNU/Linux
Product-debian_linuxrxvtrxvt
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10903
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.59% / 92.03%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 03:53
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/LinuxCanonical Ltd.Fedora ProjectopenSUSE
Product-ubuntu_linuxdebian_linuxfedorawiresharkleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-7668
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-57.47% / 98.97%
||
7 Day CHG~0.00%
Published-20 Jun, 2017 | 01:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.

Action-Not Available
Vendor-Apple Inc.Oracle CorporationThe Apache Software FoundationRed Hat, Inc.Debian GNU/LinuxNetApp, Inc.
Product-enterprise_linux_eusdebian_linuxenterprise_linux_serverenterprise_linux_workstationmac_os_xenterprise_linux_server_tusenterprise_linux_desktopclustered_data_ontapsecure_global_desktopenterprise_linux_server_ausoncommand_unified_managerstoragegridhttp_serverApache HTTP Server
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2018-9989
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.17% / 80.28%
||
7 Day CHG~0.00%
Published-10 Apr, 2018 | 19:00
Updated-05 Jun, 2026 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.

Action-Not Available
Vendor-trustedfirmwaren/aArm LimitedDebian GNU/Linux
Product-debian_linuxmbed_tlsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-8789
Matching Score-10
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-10
Assigner-Check Point Software Ltd.
CVSS Score-7.5||HIGH
EPSS-5.24% / 91.60%
||
7 Day CHG~0.00%
Published-29 Nov, 2018 | 18:00
Updated-16 Sep, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).

Action-Not Available
Vendor-Canonical Ltd.Check Point Software Technologies Ltd.FreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxFreeRDP
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-8799
Matching Score-10
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-10
Assigner-Check Point Software Ltd.
CVSS Score-7.5||HIGH
EPSS-4.07% / 89.55%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 20:00
Updated-17 Sep, 2024 | 03:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault).

Action-Not Available
Vendor-rdesktopDebian GNU/LinuxCheck Point Software Technologies Ltd.
Product-rdesktopdebian_linuxrdesktop
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-5356
Matching Score-10
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-10
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-4.78% / 90.92%
||
7 Day CHG~0.00%
Published-03 Mar, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]).

Action-Not Available
Vendor-irssin/aDebian GNU/Linux
Product-debian_linuxirssin/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20615
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.46% / 90.37%
||
7 Day CHG~0.00%
Published-18 Mar, 2019 | 16:11
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.

Action-Not Available
Vendor-haproxyn/aCanonical Ltd.Red Hat, Inc.openSUSE
Product-ubuntu_linuxopenshift_container_platformenterprise_linuxhaproxyleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20175
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.30% / 90.05%
||
7 Day CHG~0.00%
Published-15 Mar, 2019 | 18:00
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rdesktop versions up to and including v1.8.3 contains several Integer Signedness errors that lead to Out-Of-Bounds Reads in the file mcs.c and result in a Denial of Service (segfault).

Action-Not Available
Vendor-rdesktopn/aDebian GNU/Linux
Product-rdesktopdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2014-8483
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.55% / 88.01%
||
7 Day CHG~0.00%
Published-06 Nov, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.

Action-Not Available
Vendor-quassel-ircn/aCanonical Ltd.openSUSEDebian GNU/Linux
Product-debian_linuxubuntu_linuxquassel_ircopensusen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16451
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.13% / 89.70%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:57
Updated-03 Dec, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.

Action-Not Available
Vendor-n/aApple Inc.openSUSEFedora ProjectRed Hat, Inc.Debian GNU/Linuxtcpdump & libpcap
Product-tcpdumpenterprise_linuxfedoraleapmac_os_xdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16230
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.89% / 89.08%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:49
Updated-03 Dec, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).

Action-Not Available
Vendor-n/aApple Inc.openSUSEFedora ProjectRed Hat, Inc.Debian GNU/Linuxtcpdump & libpcap
Product-tcpdumpenterprise_linuxfedoraleapmac_os_xdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15501
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.34% / 90.12%
||
7 Day CHG~0.00%
Published-18 Aug, 2018 | 02:00
Updated-05 Aug, 2024 | 09:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker can send a crafted smart-protocol "ng" packet that lacks a '\0' byte to trigger an out-of-bounds read that leads to DoS.

Action-Not Available
Vendor-libgit2n/aDebian GNU/Linux
Product-debian_linuxlibgit2n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14465
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.07% / 89.54%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:15
Updated-17 Dec, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectF5, Inc.openSUSERed Hat, Inc.Apple Inc.tcpdump & libpcap
Product-debian_linuxenterprise_linuxtraffix_signaling_delivery_controllerfedoraleapmac_os_xtcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14882
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.89% / 89.08%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:41
Updated-03 Dec, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.

Action-Not Available
Vendor-n/aApple Inc.openSUSEFedora ProjectRed Hat, Inc.Debian GNU/LinuxF5, Inc.tcpdump & libpcap
Product-tcpdumpenterprise_linuxtraffix_signaling_delivery_controllerleapfedoramac_os_xdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14883
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.97% / 94.68%
||
7 Day CHG~0.00%
Published-03 Aug, 2018 | 13:00
Updated-05 Aug, 2024 | 09:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Debian GNU/LinuxThe PHP Group
Product-ubuntu_linuxphpdebian_linuxstorage_automation_storen/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-14470
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.98% / 89.36%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:31
Updated-03 Dec, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().

Action-Not Available
Vendor-n/aApple Inc.openSUSEFedora ProjectRed Hat, Inc.Debian GNU/Linuxtcpdump & libpcap
Product-tcpdumpenterprise_linuxfedoraleapmac_os_xdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14880
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.34% / 91.72%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:35
Updated-05 Aug, 2024 | 09:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.tcpdump & libpcapFedora ProjectRed Hat, Inc.openSUSEF5, Inc.
Product-big-ip_webacceleratorbig-ip_application_acceleration_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_serviceenterprise_linuxbig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_analyticsbig-ip_domain_name_systemiworkflowbig-ip_application_security_managertcpdumpbig-ip_edge_gatewaydebian_linuxbig-iq_centralized_managementbig-ip_link_controllerfedoramac_os_xenterprise_managerbig-ip_access_policy_managertraffix_signaling_delivery_controllerbig-ip_advanced_firewall_managerleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14464
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.98% / 89.36%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:13
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.Fedora Projecttcpdump & libpcapopenSUSERed Hat, Inc.
Product-debian_linuxfedoraenterprise_linuxmac_os_xleaptcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14463
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.72% / 90.82%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:12
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.tcpdump & libpcapFedora ProjectRed Hat, Inc.openSUSEF5, Inc.
Product-debian_linuxfedoraenterprise_linuxmac_os_xtraffix_signaling_delivery_controllertcpdumpleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14881
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.76% / 90.90%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:36
Updated-03 Dec, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).

Action-Not Available
Vendor-n/aApple Inc.openSUSEFedora ProjectRed Hat, Inc.Debian GNU/Linuxtcpdump & libpcap
Product-tcpdumpenterprise_linuxfedoraleapmac_os_xdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-1303
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-70.78% / 99.33%
||
7 Day CHG~0.00%
Published-26 Mar, 2018 | 15:00
Updated-17 Sep, 2024 | 02:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.

Action-Not Available
Vendor-Canonical Ltd.The Apache Software FoundationNetApp, Inc.Debian GNU/Linux
Product-http_serverclustered_data_ontapubuntu_linuxdebian_linuxstorage_automation_storesantricity_cloud_connectorstoragegridApache HTTP Server
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11362
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.12% / 86.37%
||
7 Day CHG~0.00%
Published-22 May, 2018 | 21:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-9778
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.77% / 84.69%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 07:00
Updated-04 Aug, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.

Action-Not Available
Vendor-n/aGNUopenSUSE
Product-libredwgbackports_sleleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2014-4341
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-7.14% / 93.56%
||
7 Day CHG~0.00%
Published-20 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)Red Hat, Inc.Debian GNU/LinuxFedora Project
Product-debian_linuxenterprise_linux_serverkerberos_5enterprise_linux_workstationenterprise_linux_desktopenterprise_linux_tusenterprise_linux_server_eusfedoraenterprise_linux_server_ausenterprise_linux_eusn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-2518
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-15.08% / 96.36%
||
7 Day CHG~0.00%
Published-30 Jan, 2017 | 21:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

Action-Not Available
Vendor-ntpn/aFreeBSD FoundationOracle CorporationSiemens AGRed Hat, Inc.Debian GNU/LinuxNetApp, Inc.
Product-debian_linuxfreebsdoncommand_performance_managerntpenterprise_linux_desktopenterprise_linux_server_tusoncommand_balancecommunications_user_data_repositoryenterprise_linux_server_eusenterprise_linux_server_ausdata_ontapsimatic_net_cp_443-1_opc_uaenterprise_linux_serveroncommand_unified_manager_for_clustered_data_ontapenterprise_linux_workstationclustered_data_ontaplinuxsimatic_net_cp_443-1_opc_ua_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10197
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.19% / 91.54%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.

Action-Not Available
Vendor-libevent_projectn/aDebian GNU/Linux
Product-libeventdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-31001
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-2.02% / 78.79%
||
7 Day CHG~0.00%
Published-31 May, 2022 | 00:00
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in Sofia-SIP

Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0)`, which will make `n` bigger and trigger out-of-bound access when `IS_NON_WS(s[n])`. Version 1.13.8 contains a patch for this issue.

Action-Not Available
Vendor-signalwirefreeswitchDebian GNU/Linux
Product-sofia-sipdebian_linuxsofia-sip
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-31002
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.80% / 76.06%
||
7 Day CHG~0.00%
Published-31 May, 2022 | 00:00
Updated-22 Apr, 2025 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in Sofia-SIP

Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue.

Action-Not Available
Vendor-signalwirefreeswitchDebian GNU/Linux
Product-sofia-sipdebian_linuxsofia-sip
CWE ID-CWE-125
Out-of-bounds Read
CVE-2013-0888
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-1.56% / 72.42%
||
7 Day CHG~0.00%
Published-23 Feb, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a "user gesture check for dangerous file downloads."

Action-Not Available
Vendor-n/aApple Inc.openSUSEGoogle LLCLinux Kernel Organization, IncMicrosoft Corporation
Product-mac_os_xwindowschromelinux_kernelopensusen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-6802
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.42% / 69.83%
||
7 Day CHG~0.00%
Published-10 Mar, 2017 | 10:29
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.

Action-Not Available
Vendor-ytnef_projectn/aDebian GNU/Linux
Product-ytnefdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-6800
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.72% / 74.93%
||
7 Day CHG~0.00%
Published-10 Mar, 2017 | 10:29
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.

Action-Not Available
Vendor-ytnef_projectn/aDebian GNU/Linux
Product-ytnefdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 42
  • 43
  • Next
Details not found