Total
6082 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-9590 | 1 Google | 1 Android | 2019-02-12 | 5.0 MEDIUM | 7.5 HIGH |
| In add_attr of sdp_discovery.c in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-115900043. | |||||
| CVE-2018-9589 | 1 Google | 1 Android | 2019-02-12 | 2.1 LOW | 5.5 MEDIUM |
| In ieee802_11_rx_wnmsleep_req of wnm_ap.c in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi driver with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-111893132. | |||||
| CVE-2018-9593 | 1 Google | 1 Android | 2019-02-12 | 3.3 LOW | 6.5 MEDIUM |
| In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116722267. | |||||
| CVE-2018-18504 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2019-02-07 | 7.5 HIGH | 9.8 CRITICAL |
| A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability affects Firefox < 65. | |||||
| CVE-2018-17854 | 1 Simdcomp Project | 1 Simdcomp | 2019-02-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| SIMDComp before 0.1.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes. NOTE: this issue exists because of an incomplete fix for CVE-2018-17427. | |||||
| CVE-2018-18933 | 1 Foxitsoftware | 2 Foxit Reader, U3d | 2019-01-30 | 6.4 MEDIUM | 9.1 CRITICAL |
| The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation near NULL starting at FoxitReader!safe_vsnprintf+0x00000000002c4330" issue. | |||||
| CVE-2018-5811 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2019-01-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. | |||||
| CVE-2019-6246 | 1 Svgpp | 1 Svgpp | 2019-01-30 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the gil::get_color function in Generic Image Library in Boost, the return code is used as an address, leading to an Access Violation because of an out-of-bounds read. | |||||
| CVE-2019-6985 | 2 Foxitsoftware, Microsoft | 2 3d, Windows | 2019-01-29 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Read in Indexing or a Heap Overflow and crash during handling of certain PDF files that embed specifically crafted 3D content, due to an array access violation. | |||||
| CVE-2018-4194 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-01-29 | 6.8 MEDIUM | 8.8 HIGH |
| In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. | |||||
| CVE-2018-12817 | 1 Adobe | 1 Digital Editions | 2019-01-23 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-6443 | 1 Ntpsec | 1 Ntpsec | 2019-01-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd. | |||||
| CVE-2019-6444 | 1 Ntpsec | 1 Ntpsec | 2019-01-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd. | |||||
| CVE-2018-4169 | 1 Apple | 1 Mac Os X | 2019-01-17 | 10.0 HIGH | 9.8 CRITICAL |
| In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, an out-of-bounds read was addressed with improved input validation. | |||||
| CVE-2018-4256 | 1 Apple | 1 Mac Os X | 2019-01-16 | 2.1 LOW | 5.5 MEDIUM |
| In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. | |||||
| CVE-2018-4255 | 1 Apple | 1 Mac Os X | 2019-01-16 | 2.1 LOW | 5.5 MEDIUM |
| In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. | |||||
| CVE-2019-5007 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2019-01-15 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing. | |||||
| CVE-2018-20588 | 1 Otfcc Project | 1 Otfcc | 2019-01-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read. | |||||
| CVE-2018-20430 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2019-01-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. | |||||
| CVE-2018-20453 | 1 Libdoc Project | 1 Libdoc | 2019-01-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. | |||||