| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-6444 |
125 |
|
|
2019-01-16 |
2019-01-22 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd. |
|
2 |
CVE-2019-6443 |
125 |
|
|
2019-01-16 |
2019-01-22 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd. |
|
3 |
CVE-2019-6286 |
125 |
|
|
2019-01-14 |
2019-01-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693. |
|
4 |
CVE-2019-5747 |
125 |
|
+Info |
2019-01-09 |
2019-01-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679. |
|
5 |
CVE-2019-5718 |
125 |
|
|
2019-01-08 |
2019-01-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check. |
|
6 |
CVE-2019-5007 |
125 |
|
|
2019-01-03 |
2019-01-15 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing. |
|
7 |
CVE-2018-1999015 |
125 |
|
|
2018-07-23 |
2018-09-20 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later. |
|
8 |
CVE-2018-1999014 |
125 |
|
|
2018-07-23 |
2018-09-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later. |
|
9 |
CVE-2018-1999010 |
125 |
|
|
2018-07-23 |
2019-01-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later. |
|
10 |
CVE-2018-1000668 |
125 |
|
Exec Code |
2018-09-06 |
2018-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. This vulnerability appears to have been fixed in 2.4.71. |
|
11 |
CVE-2018-1000085 |
125 |
|
|
2018-03-13 |
2018-10-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6. |
|
12 |
CVE-2018-1000034 |
125 |
|
DoS |
2018-02-09 |
2018-02-26 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. |
|
13 |
CVE-2018-1000033 |
125 |
|
DoS |
2018-02-09 |
2018-02-26 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. |
|
14 |
CVE-2018-1000005 |
125 |
|
|
2018-01-24 |
2018-03-20 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something. |
|
15 |
CVE-2018-20721 |
125 |
|
|
2019-01-16 |
2019-01-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address. |
|
16 |
CVE-2018-20679 |
125 |
|
+Info |
2019-01-09 |
2019-01-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes. |
|
17 |
CVE-2018-20591 |
125 |
|
|
2018-12-30 |
2019-01-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx. |
|
18 |
CVE-2018-20588 |
125 |
|
|
2018-12-30 |
2019-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read. |
|
19 |
CVE-2018-20570 |
125 |
|
|
2018-12-28 |
2019-01-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read. |
|
20 |
CVE-2018-20553 |
125 |
|
|
2018-12-28 |
2019-01-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. |
|
21 |
CVE-2018-20552 |
125 |
|
|
2018-12-28 |
2019-01-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. |
|
22 |
CVE-2018-20536 |
125 |
|
DoS |
2018-12-28 |
2019-01-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a heap-based buffer over-read at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service. |
|
23 |
CVE-2018-20461 |
125 |
|
|
2018-12-25 |
2018-12-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file. |
|
24 |
CVE-2018-20459 |
125 |
|
|
2018-12-25 |
2019-01-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457. |
|
25 |
CVE-2018-20458 |
125 |
|
|
2018-12-25 |
2018-12-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file. |
|
26 |
CVE-2018-20457 |
125 |
|
|
2018-12-25 |
2019-01-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20459. |
|
27 |
CVE-2018-20456 |
125 |
|
DoS |
2018-12-25 |
2018-12-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455. |
|
28 |
CVE-2018-20453 |
125 |
|
DoS |
2018-12-25 |
2019-01-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. |
|
29 |
CVE-2018-20430 |
125 |
|
|
2018-12-24 |
2019-01-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. |
|
30 |
CVE-2018-20185 |
125 |
|
DoS |
2018-12-17 |
2019-01-08 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits. |
|
31 |
CVE-2018-20124 |
125 |
|
|
2018-12-20 |
2019-01-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. |
|
32 |
CVE-2018-19975 |
125 |
|
|
2018-12-17 |
2019-01-04 |
7.1 |
None |
Remote |
Medium |
Not required |
Complete |
None |
None |
|
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD. |
|
33 |
CVE-2018-19843 |
125 |
|
DoS |
2018-12-04 |
2018-12-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2. |
|
34 |
CVE-2018-19842 |
125 |
|
DoS |
2018-12-04 |
2018-12-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2. |
|
35 |
CVE-2018-19841 |
125 |
|
|
2018-12-04 |
2018-12-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. |
|
36 |
CVE-2018-19839 |
125 |
|
|
2018-12-04 |
2018-12-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file. |
|
37 |
CVE-2018-19763 |
125 |
|
DoS |
2018-11-29 |
2018-12-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service. |
|
38 |
CVE-2018-19761 |
125 |
|
DoS |
2018-11-29 |
2018-12-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of service. |
|
39 |
CVE-2018-19759 |
125 |
|
DoS |
2018-11-29 |
2018-12-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of service. |
|
40 |
CVE-2018-19758 |
125 |
|
DoS |
2018-11-29 |
2019-01-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. |
|
41 |
CVE-2018-19756 |
125 |
|
DoS |
2018-11-29 |
2018-12-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service. |
|
42 |
CVE-2018-19722 |
125 |
|
|
2019-01-18 |
2019-01-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
43 |
CVE-2018-19719 |
125 |
|
|
2019-01-18 |
2019-01-22 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
44 |
CVE-2018-19717 |
125 |
|
|
2019-01-18 |
2019-01-23 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
45 |
CVE-2018-19714 |
125 |
|
|
2019-01-18 |
2019-01-22 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
46 |
CVE-2018-19712 |
125 |
|
|
2019-01-18 |
2019-01-22 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
47 |
CVE-2018-19711 |
125 |
|
|
2019-01-18 |
2019-01-23 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
48 |
CVE-2018-19710 |
125 |
|
|
2019-01-18 |
2019-01-23 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
49 |
CVE-2018-19709 |
125 |
|
|
2019-01-18 |
2019-01-23 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
50 |
CVE-2018-19706 |
125 |
|
|
2019-01-18 |
2019-01-22 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
