CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-10994 – python-pillow: multiple out-of-bounds reads via a crafted JP2 file
https://notcve.org/view.php?id=CVE-2020-10994
25 Jun 2020 — In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file. En la biblioteca libImaging/Jpeg2KDecode.c en Pillow versiones anteriores a 7.1.0, se presentan múltiples lecturas fuera de límites por medio de un archivo JP2 diseñado An out-of-bounds read flaw was found in python-pillow in the way JP2 images are parsed. • https://github.com/python-pillow/Pillow/commits/master/src/libImaging • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12761
https://notcve.org/view.php?id=CVE-2020-12761
09 May 2020 — modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map. • https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 52EXPL: 7CVE-2020-8835 – Linux kernel bpf verifier vulnerability
https://notcve.org/view.php?id=CVE-2020-8835
30 Mar 2020 — In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. ... (el problema también se conoce como ZDI-CAN-10780) This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. • https://github.com/zilong3033/CVE-2020-8835 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-20503 – usrsctp: Out of bounds reads in sctp_load_addresses_from_init()
https://notcve.org/view.php?id=CVE-2019-20503
06 Mar 2020 — usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. usrsctp versiones anteriores al 20-12-2019, presenta lecturas fuera de límites en la función sctp_load_addresses_from_init. The Mozilla Foundation Security Advisory describes this flaw as: The inputs to `sctp_load_addresses_from_init` are verified by `sctp_arethere_unrecognized_parameters`; however, the two functions handled parameter bounds differently, resulting in out of
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2020-1893
https://notcve.org/view.php?id=CVE-2020-1893
03 Mar 2020 — Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. ... Este problema afecta a HHVM versiones 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versiones entre 4.33.0 y 4.38.0 (inclusive), y versi... • https://github.com/facebook/hhvm/commit/bd586671a3c22eb2f07e55f11b3ce64e1f7961e7 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2020-1888
https://notcve.org/view.php?id=CVE-2020-1888
03 Mar 2020 — Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. ... Este problema afecta a HHVM versiones 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versiones entre 4.33.0 y 4.38.0 (inclusive), ... • https://github.com/facebook/hhvm/commit/b3679121bb3c7017ff04b4c08402ffff5cf59b13 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 1%CPEs: 5EXPL: 0CVE-2019-3861 – libssh2: Out-of-bounds reads with specially crafted SSH packets
https://notcve.org/view.php?id=CVE-2019-3861
19 Mar 2019 — An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. ... An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who comprom... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20176
https://notcve.org/view.php?id=CVE-2018-20176
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contain several Out-Of- Bounds Reads in the file secure.c that result in a Denial of Service (segfault). rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene varias lecturas fuera de límites en el archivo secure.c que resultan en una denegación de servicio (segfault). • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20175
https://notcve.org/view.php?id=CVE-2018-20175
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contains several Integer Signedness errors that lead to Out-Of-Bounds Reads in the file mcs.c and result in a Denial of Service (segfault). rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene varios errores en la propiedad signedness de un número entero que conducen a lecturas fuera de límites en el archivo mcs.c y resultan en una denegación de servicio (segfault). • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-11465
https://notcve.org/view.php?id=CVE-2018-11465
12 Dec 2018 — A local attacker could use ioctl calls to do out of bounds reads, arbitrary writes, or execute code in kernel mode. ... The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. • http://www.securityfocus.com/bid/106185 • CWE-125: Out-of-bounds Read CWE-248: Uncaught Exception •