CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2018-8789
https://notcve.org/view.php?id=CVE-2018-8789
29 Nov 2018 — FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). • http://www.securityfocus.com/bid/106938 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16427 – opensc: Out of bounds reads handling responses from smartcards
https://notcve.org/view.php?id=CVE-2018-16427
04 Sep 2018 — Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs. • https://access.redhat.com/errata/RHSA-2019:2154 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 7.6EPSS: 90%CPEs: 17EXPL: 1CVE-2018-8145 – Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes
https://notcve.org/view.php?id=CVE-2018-8145
09 May 2018 — An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." ... Microsoft Edge Chakra JIT suffers from multiple out of bounds reads and writes. • https://www.exploit-db.com/exploits/45011 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13259
https://notcve.org/view.php?id=CVE-2017-13259
04 Apr 2018 — In functionality implemented in sdp_discovery.cc, there are possible out of bounds reads due to missing bounds checks. • http://www.securityfocus.com/bid/103253 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2017-16362
https://notcve.org/view.php?id=CVE-2017-16362
09 Dec 2017 — This vulnerability is an instance of an out of bounds read vulnerability in the MakeAccesible plugin, when handling font data. It causes an out of bounds memory access, which sometimes triggers an access violation exception. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, writes, or frees, potentially leading to code corruption, control-flow hijack, or an information leak attack. • http://www.securityfocus.com/bid/102140 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 7%CPEs: 8EXPL: 0CVE-2017-16406 – Adobe Acrobat Pro DC ImageConversion EMF EMR_COMMENT Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16406
09 Dec 2017 — This vulnerability is an instance of a type confusion vulnerability in the EMF processing module. The issue causes the program to access an object using an incompatible type, leading to an out of bounds memory access. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, writes, or frees -- potentially leading to code corruption, control-flow hijack, or information leak attack. ... The issue results from the la... • http://www.securityfocus.com/bid/101815 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2017-16367
https://notcve.org/view.php?id=CVE-2017-16367
09 Dec 2017 — This vulnerability is an instance of a type confusion overflow vulnerability. The vulnerability leads to an out of bounds memory access. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads or writes -- potentially leading to code corruption, control-flow hijack, or an information leak attack. • http://www.securityfocus.com/bid/101815 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2017-16642 – PHP 7.1.8 - Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-16642
07 Nov 2017 — In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. ... En PHP, en versiones anteriores a la 5.6.32, versiones 7.x anteriores a la 7.0.25 y versiones 7.1.x an... • https://www.exploit-db.com/exploits/43133 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 24%CPEs: 16EXPL: 1CVE-2017-8682 – Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table 'win32k!bGeneratePath' (Denial of Service)
https://notcve.org/view.php?id=CVE-2017-8682
13 Sep 2017 — The Microsoft Windows kernel win32k.sys TTF font procession functionality suffers from out-of-bounds read/write vulnerabilities. • https://www.exploit-db.com/exploits/42744 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0CVE-2017-11145 – php: wddx_deserialize() heap out-of-bound read via php_parse_date()
https://notcve.org/view.php?id=CVE-2017-11145
10 Jul 2017 — In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e8b7698f5ee757ce2c8bd10a192a491a498f891c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •