CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-125

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1010220 125 2019-07-22 2019-08-20
4.3
None Remote Medium Not required Partial None None
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
2 CVE-2019-1010204 125 DoS 2019-07-23 2019-08-22
4.3
None Remote Medium Not required None None Partial
GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.
3 CVE-2019-1010190 125 2019-07-24 2019-07-29
4.3
None Remote Medium Not required None None Partial
mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan() in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1.
4 CVE-2019-1010169 125 DoS 2019-07-23 2019-07-23
5.0
None Remote Low Not required None None Partial
Jsish 2.4.77 2.0477 is affected by: Out-of-bounds Read. The impact is: denial of service. The component is: function lexer_getchar (jsiLexer.c:9). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.78.
5 CVE-2019-1010004 125 DoS 2019-07-14 2019-08-02
4.3
None Remote Medium Not required None None Partial
SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: read_samples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189.
6 CVE-2019-1000019 125 DoS 2019-02-04 2019-04-12
4.3
None Remote Medium Not required None None Partial
libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.
7 CVE-2019-17401 125 2019-10-09 2019-10-11
2.1
None Local Low Not required None None Partial
** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer over-read in the network_share_name_offset>20 code block of liblnk_location_information_read_data in liblnk_location_information.c, a different issue than CVE-2019-17264. NOTE: the vendor has disputed this as described in the GitHub issue.
8 CVE-2019-17362 125 DoS 2019-10-08 2019-10-15
6.4
None Remote Low Not required Partial None Partial
In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data.
9 CVE-2019-17266 125 2019-10-06 2019-10-10
7.5
None Remote Low Not required Partial Partial Partial
libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy.
10 CVE-2019-17264 125 2019-10-06 2019-10-10
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in the GitHub issue.
11 CVE-2019-17263 125 2019-10-06 2019-10-14
2.1
None Local Low Not required None None Partial
** DISPUTED ** In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_byte_stream in libfwsi_extension_block.c has a heap-based buffer over-read because rejection of an unsupported size only considers values less than 6, even though values of 6 and 7 are also unsupported. NOTE: the vendor has disputed this as described in the GitHub issue.
12 CVE-2019-17040 125 2019-09-30 2019-10-07
7.5
None Remote Low Not required Partial Partial Partial
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.
13 CVE-2019-16748 125 2019-09-24 2019-09-24
7.5
None Remote Low Not required Partial Partial Partial
In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c.
14 CVE-2019-16705 125 2019-09-23 2019-09-23
6.4
None Remote Low Not required Partial None Partial
Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a.
15 CVE-2019-16411 125 2019-09-24 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not allocated. There is a check for o->len < 5 (corresponding to 2 bytes of header and 3 bytes of data). Then, "flag = *(o->data + 3)" places one beyond the 3 bytes, because the code should have been "flag = *(o->data + 1)" instead.
16 CVE-2019-16410 125 2019-09-24 2019-09-25
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of header_len checking.
17 CVE-2019-16249 125 2019-09-11 2019-09-13
7.5
None Remote Low Not required Partial Partial Partial
OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp.
18 CVE-2019-16166 125 2019-09-09 2019-09-10
4.3
None Remote Medium Not required None None Partial
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
19 CVE-2019-16162 125 2019-09-09 2019-09-10
5.0
None Remote Low Not required None None Partial
Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c.
20 CVE-2019-16139 125 2019-09-09 2019-09-09
9.0
None Remote Low Not required Partial Partial Complete
An issue was discovered in the compact_arena crate before 0.4.0 for Rust. Generativity is mishandled, leading to an out-of-bounds write or read.
21 CVE-2019-16095 125 2019-09-07 2019-09-09
5.0
None Remote Low Not required Partial None None
Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.
22 CVE-2019-16094 125 2019-09-07 2019-09-09
5.0
None Remote Low Not required Partial None None
Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
23 CVE-2019-16091 125 2019-09-07 2019-09-09
5.0
None Remote Low Not required Partial None None
Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.
24 CVE-2019-15927 125 2019-09-04 2019-09-24
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
25 CVE-2019-15926 125 2019-09-04 2019-09-14
9.4
None Remote Low Not required Complete None Complete
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
26 CVE-2019-15925 125 2019-09-04 2019-10-04
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.
27 CVE-2019-15918 125 2019-09-04 2019-10-04
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.
28 CVE-2019-15699 125 2019-09-24 2019-09-25
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet.
29 CVE-2019-15666 125 DoS 2019-08-27 2019-09-14
7.8
None Remote Low Not required None None Complete
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.
30 CVE-2019-15651 125 2019-08-26 2019-09-03
7.5
None Remote Low Not required Partial Partial Partial
wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex.
31 CVE-2019-15550 125 2019-08-26 2019-09-09
5.0
None Remote Low Not required None None Partial
An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary.
32 CVE-2019-15531 125 2019-08-23 2019-08-30
4.3
None Remote Medium Not required None None Partial
GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.
33 CVE-2019-15505 125 2019-08-23 2019-09-04
10.0
None Remote Low Not required Complete Complete Complete
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
34 CVE-2019-15147 125 2019-08-18 2019-08-22
4.3
None Remote Medium Not required None None Partial
GoPro GPMF-parser 1.2.2 has an out-of-bounds read and SEGV in GPMF_Next in GPMF_parser.c.
35 CVE-2019-15146 125 2019-08-18 2019-08-22
4.3
None Remote Medium Not required None None Partial
GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 bytes) in GPMF_Next in GPMF_parser.c.
36 CVE-2019-15145 125 2019-08-18 2019-08-30
4.3
None Remote Medium Not required None None Partial
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.
37 CVE-2019-15141 125 2019-08-18 2019-08-22
4.3
None Remote Medium Not required None None Partial
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
38 CVE-2019-15139 125 2019-08-18 2019-08-28
4.3
None Remote Medium Not required None None Partial
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
39 CVE-2019-15090 125 2019-08-15 2019-09-02
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.
40 CVE-2019-15050 125 2019-08-14 2019-08-19
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp.
41 CVE-2019-15049 125 2019-08-14 2019-08-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.
42 CVE-2019-15047 125 2019-08-14 2019-08-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.
43 CVE-2019-15026 125 2019-08-30 2019-09-07
5.0
None Remote Low Not required None None Partial
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
44 CVE-2019-14975 125 2019-08-14 2019-08-26
5.8
None Remote Medium Not required Partial None Partial
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
45 CVE-2019-14776 125 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.
46 CVE-2019-14531 125 2019-08-02 2019-08-12
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c.
47 CVE-2019-14492 125 DoS 2019-08-01 2019-08-09
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
48 CVE-2019-14491 125 DoS 2019-08-01 2019-08-09
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
49 CVE-2019-14463 125 2019-07-31 2019-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301.
50 CVE-2019-14462 125 2019-07-31 2019-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302.
Total number of vulnerabilities : 2122   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.