Filtered by CWE-125
Total 9561 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-11535 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c.
CVE-2017-11541 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
CVE-2017-11572 1 Fontforge 1 Fontforge 2025-04-20 N/A
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
CVE-2017-11608 1 Libsass 1 Libsass 2025-04-20 N/A
There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.
CVE-2017-12967 1 Gnu 1 Binutils 2025-04-20 N/A
The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary.
CVE-2017-11639 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h.
CVE-2017-11661 1 Mindwerks 1 Wildmidi 2025-04-20 N/A
The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
CVE-2017-11662 1 Mindwerks 1 Wildmidi 2025-04-20 N/A
The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
CVE-2017-11664 1 Mindwerks 1 Wildmidi 2025-04-20 6.5 Medium
The _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
CVE-2017-11669 1 Eapmd5pass Project 1 Eapmd5pass 2025-04-20 N/A
An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:211 was found in the way eapmd5pass 1.4 handled processing of network packets. A remote attacker could potentially use this flaw to crash the eapmd5pass process under certain circumstances by generating specially crafted network traffic.
CVE-2017-11670 1 Eapmd5pass Project 1 Eapmd5pass 2025-04-20 N/A
A length validation (leading to out-of-bounds read and write) flaw was found in the way eapmd5pass 1.4 handled network traffic in the extract_eapusername function. A remote attacker could potentially use this flaw to crash the eapmd5pass process by generating specially crafted network traffic.
CVE-2014-8716 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
CVE-2017-6892 1 Libsndfile Project 1 Libsndfile 2025-04-20 N/A
In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file.
CVE-2017-17787 3 Canonical, Debian, Gimp 3 Ubuntu Linux, Debian Linux, Gimp 2025-04-20 7.8 High
In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.
CVE-2017-16808 1 Tcpdump 1 Tcpdump 2025-04-20 N/A
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
CVE-2016-10070 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2025-04-20 5.5 Medium
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
CVE-2014-9839 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).
CVE-2017-7244 2 Pcre, Redhat 2 Pcre, Jboss Core Services 2025-04-20 N/A
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.
CVE-2016-4682 1 Apple 1 Mac Os X 2025-04-20 N/A
An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted SGI file.
CVE-2017-13009 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().