CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-125

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-6444 125 2019-01-16 2019-01-22
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
2 CVE-2019-6443 125 2019-01-16 2019-01-22
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
3 CVE-2019-6286 125 2019-01-14 2019-01-22
4.3
None Remote Medium Not required None None Partial
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
4 CVE-2019-5747 125 +Info 2019-01-09 2019-01-16
5.0
None Remote Low Not required Partial None None
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.
5 CVE-2019-5718 125 2019-01-08 2019-01-15
4.3
None Remote Medium Not required None None Partial
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
6 CVE-2019-5007 125 2019-01-03 2019-01-15
5.8
None Remote Medium Not required Partial None Partial
An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing.
7 CVE-2018-1999015 125 2018-07-23 2018-09-20
4.3
None Remote Medium Not required Partial None None
FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later.
8 CVE-2018-1999014 125 2018-07-23 2018-09-19
4.3
None Remote Medium Not required None None Partial
FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later.
9 CVE-2018-1999010 125 2018-07-23 2019-01-08
7.5
None Remote Low Not required Partial Partial Partial
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later.
10 CVE-2018-1000668 125 Exec Code 2018-09-06 2018-10-25
4.3
None Remote Medium Not required None None Partial
jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. This vulnerability appears to have been fixed in 2.4.71.
11 CVE-2018-1000085 125 2018-03-13 2018-10-21
4.3
None Remote Medium Not required None None Partial
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6.
12 CVE-2018-1000034 125 DoS 2018-02-09 2018-02-26
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
13 CVE-2018-1000033 125 DoS 2018-02-09 2018-02-26
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
14 CVE-2018-1000005 125 2018-01-24 2018-03-20
6.4
None Remote Low Not required Partial None Partial
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.
15 CVE-2018-20721 125 2019-01-16 2019-01-22
7.5
None Remote Low Not required Partial Partial Partial
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.
16 CVE-2018-20679 125 +Info 2019-01-09 2019-01-16
5.0
None Remote Low Not required Partial None None
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.
17 CVE-2018-20591 125 2018-12-30 2019-01-04
4.3
None Remote Medium Not required None None Partial
A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx.
18 CVE-2018-20588 125 2018-12-30 2019-01-14
4.3
None Remote Medium Not required None None Partial
lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read.
19 CVE-2018-20570 125 2018-12-28 2019-01-10
4.3
None Remote Medium Not required None None Partial
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
20 CVE-2018-20553 125 2018-12-28 2019-01-06
6.8
None Remote Medium Not required Partial Partial Partial
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.
21 CVE-2018-20552 125 2018-12-28 2019-01-06
6.8
None Remote Medium Not required Partial Partial Partial
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.
22 CVE-2018-20536 125 DoS 2018-12-28 2019-01-06
4.3
None Remote Medium Not required None None Partial
There is a heap-based buffer over-read at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service.
23 CVE-2018-20461 125 2018-12-25 2018-12-31
4.3
None Remote Medium Not required None None Partial
In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.
24 CVE-2018-20459 125 2018-12-25 2019-01-09
4.3
None Remote Medium Not required None None Partial
In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457.
25 CVE-2018-20458 125 2018-12-25 2018-12-31
4.3
None Remote Medium Not required None None Partial
In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file.
26 CVE-2018-20457 125 2018-12-25 2019-01-09
4.3
None Remote Medium Not required None None Partial
In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20459.
27 CVE-2018-20456 125 DoS 2018-12-25 2018-12-31
4.3
None Remote Medium Not required None None Partial
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455.
28 CVE-2018-20453 125 DoS 2018-12-25 2019-01-11
4.3
None Remote Medium Not required None None Partial
The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file.
29 CVE-2018-20430 125 2018-12-24 2019-01-11
4.3
None Remote Medium Not required None None Partial
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.
30 CVE-2018-20185 125 DoS 2018-12-17 2019-01-08
2.6
None Remote High Not required None None Partial
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.
31 CVE-2018-20124 125 2018-12-20 2019-01-09
2.1
None Local Low Not required None None Partial
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
32 CVE-2018-19975 125 2018-12-17 2019-01-04
7.1
None Remote Medium Not required Complete None None
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.
33 CVE-2018-19843 125 DoS 2018-12-04 2018-12-31
4.3
None Remote Medium Not required None None Partial
opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.
34 CVE-2018-19842 125 DoS 2018-12-04 2018-12-31
4.3
None Remote Medium Not required None None Partial
getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.
35 CVE-2018-19841 125 2018-12-04 2018-12-31
4.3
None Remote Medium Not required None None Partial
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
36 CVE-2018-19839 125 2018-12-04 2018-12-28
4.3
None Remote Medium Not required None None Partial
In LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file.
37 CVE-2018-19763 125 DoS 2018-11-29 2018-12-26
4.3
None Remote Medium Not required None None Partial
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service.
38 CVE-2018-19761 125 DoS 2018-11-29 2018-12-26
4.3
None Remote Medium Not required None None Partial
There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of service.
39 CVE-2018-19759 125 DoS 2018-11-29 2018-12-26
4.3
None Remote Medium Not required None None Partial
There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of service.
40 CVE-2018-19758 125 DoS 2018-11-29 2019-01-11
4.3
None Remote Medium Not required None None Partial
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.
41 CVE-2018-19756 125 DoS 2018-11-29 2018-12-26
4.3
None Remote Medium Not required None None Partial
There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service.
42 CVE-2018-19722 125 2019-01-18 2019-01-23
5.0
None Remote Low Not required Partial None None
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
43 CVE-2018-19719 125 2019-01-18 2019-01-22
4.3
None Remote Medium Not required Partial None None
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
44 CVE-2018-19717 125 2019-01-18 2019-01-23
4.3
None Remote Medium Not required Partial None None
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
45 CVE-2018-19714 125 2019-01-18 2019-01-22
4.3
None Remote Medium Not required Partial None None
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
46 CVE-2018-19712 125 2019-01-18 2019-01-22
4.3
None Remote Medium Not required Partial None None
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
47 CVE-2018-19711 125 2019-01-18 2019-01-23
4.3
None Remote Medium Not required Partial None None
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
48 CVE-2018-19710 125 2019-01-18 2019-01-23
4.3
None Remote Medium Not required Partial None None
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
49 CVE-2018-19709 125 2019-01-18 2019-01-23
4.3
None Remote Medium Not required Partial None None
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
50 CVE-2018-19706 125 2019-01-18 2019-01-22
5.0
None Remote Low Not required Partial None None
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Total number of vulnerabilities : 1145   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.