Vulnerabilities (CVE)

Filtered by CWE-125
Total 6329 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0259 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.
CVE-2013-0888 5 Apple, Google, Linux and 2 more 5 Mac Os X, Chrome, Linux Kernel and 2 more 2024-02-28 5.0 MEDIUM N/A
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a "user gesture check for dangerous file downloads."
CVE-2012-1798 4 Debian, Imagemagick, Opensuse and 1 more 10 Debian Linux, Imagemagick, Opensuse and 7 more 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
CVE-2011-3060 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2024-02-28 6.8 MEDIUM N/A
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2012-5109 1 Google 1 Chrome 2024-02-28 5.0 MEDIUM N/A
The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression.
CVE-2011-3057 1 Google 1 Chrome 2024-02-28 4.3 MEDIUM N/A
Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation.
CVE-2011-3059 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2024-02-28 6.8 MEDIUM N/A
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2012-5110 1 Google 1 Chrome 2024-02-28 5.0 MEDIUM N/A
The compositor in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-3066 1 Google 1 Chrome 2024-02-28 6.8 MEDIUM N/A
Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-3040 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2024-02-28 4.3 MEDIUM N/A
Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
CVE-2011-3893 1 Google 1 Chrome 2024-02-28 5.0 MEDIUM N/A
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-2794 1 Google 1 Chrome 2024-02-28 6.8 MEDIUM N/A
Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-3910 1 Google 1 Chrome 2024-02-28 5.0 MEDIUM N/A
Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-3970 3 Google, Suse, Xmlsoft 5 Chrome, Linux Enterprise Desktop, Linux Enterprise Server and 2 more 2024-02-28 4.3 MEDIUM N/A
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-2345 1 Google 1 Chrome 2024-02-28 4.3 MEDIUM N/A
The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-3963 1 Google 1 Chrome 2024-02-28 5.0 MEDIUM N/A
Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-3905 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-02-28 5.0 MEDIUM N/A
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-3906 1 Google 1 Chrome 2024-02-28 5.0 MEDIUM N/A
The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-1120 1 Google 1 Chrome 2024-02-28 5.0 MEDIUM N/A
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717.
CVE-2011-2501 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources.