Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-3477

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-31 Mar, 2021 | 00:00
Updated At-03 Aug, 2024 | 16:53
Rejected At-
Credits

There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to application availability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:31 Mar, 2021 | 00:00
Updated At:03 Aug, 2024 | 16:53
Rejected At:
▼CVE Numbering Authority (CNA)

There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to application availability.

Affected Products
Vendor
n/a
Product
OpenEXR
Versions
Affected
  • OpenEXR 3.0.0-beta
Problem Types
TypeCWE IDDescription
CWECWE-190CWE-190->CWE-125
Type: CWE
CWE ID: CWE-190
Description: CWE-190->CWE-125
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugzilla.redhat.com/show_bug.cgi?id=1939159
N/A
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
N/A
https://lists.debian.org/debian-lts-announce/2021/07/msg00001.html
mailing-list
https://security.gentoo.org/glsa/202107-27
vendor-advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
mailing-list
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1939159
Resource: N/A
Hyperlink: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2021/07/msg00001.html
Resource:
mailing-list
Hyperlink: https://security.gentoo.org/glsa/202107-27
Resource:
vendor-advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
Resource:
mailing-list
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugzilla.redhat.com/show_bug.cgi?id=1939159
x_transferred
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
x_transferred
https://lists.debian.org/debian-lts-announce/2021/07/msg00001.html
mailing-list
x_transferred
https://security.gentoo.org/glsa/202107-27
vendor-advisory
x_transferred
https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
mailing-list
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1939159
Resource:
x_transferred
Hyperlink: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
Resource:
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2021/07/msg00001.html
Resource:
mailing-list
x_transferred
Hyperlink: https://security.gentoo.org/glsa/202107-27
Resource:
vendor-advisory
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
Resource:
mailing-list
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:31 Mar, 2021 | 14:15
Updated At:07 Nov, 2023 | 03:38

There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to application availability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
openexr
openexr
>>openexr>>Versions before 2.4.3(exclusive)
cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*
openexr
openexr
>>openexr>>Versions from 2.5.0(inclusive) to 2.5.4(exclusive)
cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarysecalert@redhat.com
CWE-125Secondarynvd@nist.gov
CWE-190Secondarynvd@nist.gov
CWE ID: CWE-190
Type: Primary
Source: secalert@redhat.com
CWE ID: CWE-125
Type: Secondary
Source: nvd@nist.gov
CWE ID: CWE-190
Type: Secondary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956secalert@redhat.com
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1939159secalert@redhat.com
Issue Tracking
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/07/msg00001.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00022.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/202107-27secalert@redhat.com
Third Party Advisory
Hyperlink: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
Source: secalert@redhat.com
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1939159
Source: secalert@redhat.com
Resource:
Issue Tracking
Patch
Third Party Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2021/07/msg00001.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/202107-27
Source: secalert@redhat.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

2477Records found
CVE-2019-1000019
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.80% / 83.26%
||
7 Day CHG~0.00%
Published-04 Feb, 2019 | 21:00
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Debian GNU/LinuxlibarchiveopenSUSERed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlibarchiveenterprise_linux_workstationfedoraenterprise_linux_desktopleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6161
Matching Score-10
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-10
Assigner-Debian GNU/Linux
CVSS Score-6.5||MEDIUM
EPSS-0.65% / 71.35%
||
7 Day CHG~0.00%
Published-12 Aug, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.

Action-Not Available
Vendor-libgdn/aDebian GNU/LinuxopenSUSE
Product-leaplibgddebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6132
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.12% / 84.58%
||
7 Day CHG~0.00%
Published-12 Aug, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

Action-Not Available
Vendor-libgdn/aDebian GNU/LinuxopenSUSE
Product-leaplibgddebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-6207
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-8.72% / 92.70%
||
7 Day CHG~0.00%
Published-12 Aug, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.

Action-Not Available
Vendor-libgdn/aopenSUSEThe PHP GroupDebian GNU/Linux
Product-leaplibgddebian_linuxphpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-5315
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.18% / 39.12%
||
7 Day CHG~0.00%
Published-07 Mar, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLibTIFF
Product-debian_linuxlibtiffn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-3933
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.53% / 67.75%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 00:00
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths.

Action-Not Available
Vendor-openexrn/aDebian GNU/LinuxFedora Project
Product-openexrdebian_linuxfedoraopenexr
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2016-5322
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.18% / 39.56%
||
7 Day CHG~0.00%
Published-11 Apr, 2017 | 18:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLibTIFF
Product-debian_linuxlibtiffn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-8976
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.61% / 70.27%
||
7 Day CHG~0.00%
Published-25 Mar, 2018 | 00:00
Updated-05 Aug, 2024 | 07:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file.

Action-Not Available
Vendor-n/aExiv2Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverexiv2debian_linuxenterprise_linux_workstationenterprise_linux_desktopn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11759
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.68% / 72.19%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 22:43
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.

Action-Not Available
Vendor-openexrn/aCanonical Ltd.Fedora ProjectDebian GNU/LinuxApple Inc.
Product-ubuntu_linuxitunesiphone_osdebian_linuxipadostvoswatchosfedoramac_os_xopenexricloudn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-7557
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.40% / 61.12%
||
7 Day CHG~0.00%
Published-28 Feb, 2018 | 07:00
Updated-05 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFFmpeg
Product-ffmpegdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-7728
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.45% / 64.29%
||
7 Day CHG~0.00%
Published-06 Mar, 2018 | 18:00
Updated-05 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.

Action-Not Available
Vendor-exempi_projectn/aCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxexempidebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-7730
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 29.05%
||
7 Day CHG~0.00%
Published-06 Mar, 2018 | 18:00
Updated-05 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.

Action-Not Available
Vendor-exempi_projectn/aCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxexempidebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-7868
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.57% / 69.19%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 18:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack.

Action-Not Available
Vendor-libmingn/aDebian GNU/Linux
Product-libmingdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-8098
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.74% / 73.49%
||
7 Day CHG~0.00%
Published-14 Mar, 2018 | 00:00
Updated-05 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file.

Action-Not Available
Vendor-libgit2n/aDebian GNU/Linux
Product-debian_linuxlibgit2n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-6392
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.57% / 69.02%
||
7 Day CHG~0.00%
Published-29 Jan, 2018 | 19:00
Updated-05 Aug, 2024 | 06:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFFmpeg
Product-ffmpegdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-6143
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-1.10% / 78.50%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 19:00
Updated-05 Aug, 2024 | 05:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

Action-Not Available
Vendor-Red Hat, Inc.Google LLCDebian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationenterprise_linux_desktopChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5785
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.78% / 74.19%
||
7 Day CHG~0.00%
Published-19 Jan, 2018 | 08:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

Action-Not Available
Vendor-uclouvainn/aCanonical Ltd.Debian GNU/Linux
Product-openjpegdebian_linuxubuntu_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-5294
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.62% / 70.72%
||
7 Day CHG~0.00%
Published-08 Jan, 2018 | 07:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.

Action-Not Available
Vendor-libmingn/aDebian GNU/Linux
Product-libmingdebian_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-36411
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 36.28%
||
7 Day CHG~0.00%
Published-10 Jan, 2022 | 00:00
Updated-04 Aug, 2024 | 00:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.

Action-Not Available
Vendor-strukturn/aDebian GNU/Linux
Product-debian_linuxlibde265n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20430
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.57% / 69.17%
||
7 Day CHG~0.00%
Published-24 Dec, 2018 | 05:00
Updated-05 Aug, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGNU
Product-libextractordebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-21016
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.51% / 67.06%
||
7 Day CHG~0.00%
Published-16 Sep, 2019 | 12:58
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGPAC
Product-gpacdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20570
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.97% / 77.07%
||
7 Day CHG~0.00%
Published-28 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.

Action-Not Available
Vendor-n/aJasPerDebian GNU/Linux
Product-jasperdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-19625
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 38.64%
||
7 Day CHG~0.00%
Published-29 Nov, 2018 | 04:00
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-19758
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.88% / 75.85%
||
7 Day CHG~0.00%
Published-30 Nov, 2018 | 03:00
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

Action-Not Available
Vendor-libsndfile_projectn/aDebian GNU/Linux
Product-libsndfiledebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-19661
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.66% / 71.70%
||
7 Day CHG~0.00%
Published-29 Nov, 2018 | 07:00
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service.

Action-Not Available
Vendor-libsndfile_projectn/aDebian GNU/Linux
Product-libsndfiledebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-19626
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 38.64%
||
7 Day CHG~0.00%
Published-29 Nov, 2018 | 04:00
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2018-19841
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.57% / 69.29%
||
7 Day CHG~0.00%
Published-04 Dec, 2018 | 09:00
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.

Action-Not Available
Vendor-wavpackn/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedorawavpackleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-19535
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.39% / 60.50%
||
7 Day CHG~0.00%
Published-26 Nov, 2018 | 00:00
Updated-05 Aug, 2024 | 11:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

Action-Not Available
Vendor-n/aCanonical Ltd.Exiv2Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxexiv2debian_linuxenterprise_linux_workstationenterprise_linux_desktopn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-19497
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.21% / 87.35%
||
7 Day CHG~0.00%
Published-29 Nov, 2018 | 23:00
Updated-05 Aug, 2024 | 11:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c).

Action-Not Available
Vendor-sleuthkitn/aDebian GNU/LinuxFedora Project
Product-debian_linuxthe_sleuth_kitfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-19107
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.16% / 84.70%
||
7 Day CHG~0.00%
Published-08 Nov, 2018 | 00:00
Updated-05 Aug, 2024 | 11:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.

Action-Not Available
Vendor-n/aCanonical Ltd.Exiv2Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxexiv2debian_linuxenterprise_linux_workstationenterprise_linux_desktopn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-18605
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.69% / 72.30%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 17:00
Updated-05 Aug, 2024 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.

Action-Not Available
Vendor-n/aNetApp, Inc.GNUDebian GNU/Linux
Product-data_ontapdebian_linuxbinutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16336
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.30% / 54.09%
||
7 Day CHG~0.00%
Published-02 Sep, 2018 | 03:00
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.

Action-Not Available
Vendor-n/aCanonical Ltd.Exiv2Debian GNU/Linux
Product-ubuntu_linuxexiv2debian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-18025
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 44.69%
||
7 Day CHG+0.01%
Published-07 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.

Action-Not Available
Vendor-n/aDebian GNU/LinuxImageMagick Studio LLC
Product-debian_linuximagemagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16062
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.79%
||
7 Day CHG~0.00%
Published-29 Aug, 2018 | 03:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

Action-Not Available
Vendor-elfutils_projectn/aCanonical Ltd.Red Hat, Inc.openSUSEDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxelfutilsenterprise_linux_workstationenterprise_linux_desktopleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16435
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.45% / 64.18%
||
7 Day CHG~0.00%
Published-04 Sep, 2018 | 00:00
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

Action-Not Available
Vendor-littlecmsn/aCanonical Ltd.Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_workstationenterprise_linux_desktoplittle_cms_color_enginen/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-15378
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-1.62% / 82.33%
||
7 Day CHG~0.00%
Published-15 Oct, 2018 | 17:00
Updated-26 Nov, 2024 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clam AntiVirus unmew11() Denial of Service Vulnerability

A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.

Action-Not Available
Vendor-Canonical Ltd.ClamAVCisco Systems, Inc.Debian GNU/Linux
Product-ubuntu_linuxclamavdebian_linuxClamAV
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14851
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.44% / 63.72%
||
7 Day CHG~0.00%
Published-02 Aug, 2018 | 19:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Debian GNU/LinuxThe PHP Group
Product-ubuntu_linuxphpdebian_linuxstorage_automation_storen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-35452
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 33.42%
||
7 Day CHG~0.00%
Published-10 Jan, 2022 | 00:00
Updated-04 Aug, 2024 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc.

Action-Not Available
Vendor-strukturn/aDebian GNU/Linux
Product-debian_linuxlibde265n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14498
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.30% / 53.78%
||
7 Day CHG~0.00%
Published-07 Mar, 2019 | 22:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.

Action-Not Available
Vendor-libjpeg-turbon/aDebian GNU/LinuxopenSUSEFedora ProjectMozilla Corporation
Product-mozjpegdebian_linuxfedoralibjpeg-turboleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-13988
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.70% / 72.48%
||
7 Day CHG~0.00%
Published-25 Jul, 2018 | 23:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.freedesktop.org
Product-enterprise_linux_serverubuntu_linuxdebian_linuxopenshift_container_platformenterprise_linux_workstationenterprise_linux_desktopansible_towerpopplern/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-13099
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-1.60% / 82.20%
||
7 Day CHG~0.00%
Published-03 Jul, 2018 | 05:00
Updated-05 Aug, 2024 | 08:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSEDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-12495
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.54% / 68.09%
||
7 Day CHG~0.00%
Published-15 Jun, 2018 | 18:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

Action-Not Available
Vendor-discount_projectn/aDebian GNU/Linux
Product-discountdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-13096
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.57% / 69.29%
||
7 Day CHG-0.02%
Published-03 Jul, 2018 | 05:00
Updated-05 Aug, 2024 | 08:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSEDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11468
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.52% / 67.16%
||
7 Day CHG~0.00%
Published-25 May, 2018 | 13:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

Action-Not Available
Vendor-discount_projectn/aDebian GNU/Linux
Product-discountdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11504
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 47.77%
||
7 Day CHG~0.00%
Published-26 May, 2018 | 21:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

Action-Not Available
Vendor-discount_projectn/aDebian GNU/Linux
Product-discountdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11503
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.54% / 68.09%
||
7 Day CHG~0.00%
Published-26 May, 2018 | 21:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

Action-Not Available
Vendor-discount_projectn/aDebian GNU/Linux
Product-discountdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-32436
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.04% / 87.02%
||
7 Day CHG~0.00%
Published-10 Mar, 2022 | 14:50
Updated-03 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.

Action-Not Available
Vendor-abcm2ps_projectn/aDebian GNU/LinuxFedora Project
Product-debian_linuxfedoraabcm2psn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-10888
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.62% / 70.62%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 14:00
Updated-16 Sep, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service.

Action-Not Available
Vendor-libgit2libgit2Debian GNU/Linux
Product-debian_linuxlibgit2libgit2
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-46955
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.91%
||
7 Day CHG~0.00%
Published-10 Nov, 2024 | 00:00
Updated-03 Nov, 2025 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

Action-Not Available
Vendor-n/aArtifex Software Inc.SUSEDebian GNU/Linux
Product-linux_enterprise_server_for_sapdebian_linuxghostscriptlinux_enterprise_serverlinux_enterprise_high_performance_computingn/aghostscript
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-10999
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.44% / 63.66%
||
7 Day CHG~0.00%
Published-12 May, 2018 | 04:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read.

Action-Not Available
Vendor-n/aCanonical Ltd.Exiv2Debian GNU/Linux
Product-ubuntu_linuxexiv2debian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 49
  • 50
  • Next
Details not found