CWE-125: Out-of-bounds Read

This vulnerability in NVIDIA's NVJPEG library allows attackers to perform out-of-bounds read/write operations, potentially leading to code execution, ...

This vulnerability allows attackers to cause out-of-bounds memory reads when processing malicious USD (Universal Scene Description) files. Successful ...

This vulnerability allows attackers to execute arbitrary code by tricking users into processing maliciously crafted images. It affects Apple iOS, iPad...

This vulnerability allows arbitrary code execution when processing maliciously crafted images due to an out-of-bounds read. It affects multiple Apple ...

CVE-2020-9877 is an out-of-bounds read vulnerability in Apple's image processing that could allow arbitrary code execution when processing malicious i...

CVE-2020-24418 is an out-of-bounds read vulnerability in Adobe After Effects that could allow an attacker to execute arbitrary code in the context of ...

CVE-2020-9749 is an out-of-bounds read vulnerability in Adobe Animate that could allow arbitrary code execution when a user opens a malicious .fla fil...

CVE-2020-24409 is an out-of-bounds read vulnerability in Adobe Illustrator that could allow arbitrary code execution when a user opens a malicious PDF...

This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious audio files. It affects Apple devices running o...

This vulnerability allows attackers to execute arbitrary code by tricking users into processing a malicious audio file. It affects Apple iOS, iPadOS, ...

CVE-2020-9799 is an out-of-bounds read vulnerability in macOS that allows malicious applications to execute arbitrary code with kernel privileges. Thi...

CVE-2020-25188 is an out-of-bounds read vulnerability in LAquis SCADA software that allows remote code execution. An attacker can exploit this by tric...

This vulnerability in Foxit Studio Photo allows remote attackers to execute arbitrary code by tricking users into opening malicious TIF files. The fla...

This vulnerability is an out-of-bounds read in certain Intel Graphics Drivers that could allow an authenticated local user to potentially escalate pri...

Adobe Premiere Pro versions 14.2 and earlier contain an out-of-bounds read vulnerability that could allow attackers to execute arbitrary code. This af...

CVE-2020-9815 is an out-of-bounds read vulnerability in Apple's audio file processing that could allow arbitrary code execution when processing a mali...

CVE-2020-9791 is an out-of-bounds read vulnerability in Apple's audio file processing that could allow arbitrary code execution when processing malici...

This vulnerability allows remote attackers to execute arbitrary code on Foxit PhantomPDF installations by tricking users into opening malicious PDF fi...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious PDF files containing specially crafted U...

This vulnerability in the Linux kernel's BPF verifier allows attackers to bypass memory bounds checks for 32-bit operations, leading to out-of-bounds ...

This CVE describes an out-of-bounds read vulnerability in macOS kernel memory that could allow an attacker to cause system crashes or read sensitive k...

A kernel memory corruption vulnerability in Linux ipvlan driver allows local attackers to trigger out-of-bounds memory access, potentially leading to ...

This CVE describes a shift-out-of-bounds vulnerability in the Linux kernel's scheduler load_balance() function. It could allow local attackers to caus...

An integer overflow vulnerability in Silicon Labs Gecko Bootloader versions 4.3.1 and earlier allows attackers to access memory beyond allocated bound...

CVE-2026-27831 is a heap-based out-of-bounds read vulnerability in rldns DNS server version 2.3 that can cause denial of service. The vulnerability al...

This vulnerability in FreeRDP allows a malicious RDP server to trigger an out-of-bounds read by sending an execResult value of 7 or greater. This coul...

ImageMagick versions before 7.1.2-15 and 6.9.13-40 have a heap information disclosure vulnerability in their PSD format handler. When processing speci...

This vulnerability in Valkey allows attackers with access to the clusterbus port to send specially crafted packets that cause out-of-bounds reads, pot...

A remote array index out-of-bounds vulnerability in free5GC's AMF component allows attackers to crash the AMF service via specially crafted 5GS Mobile...

CVE-2025-69806 is an out-of-bounds read vulnerability in p2r3 bareiron software that allows unauthenticated remote attackers to leak relative informat...

Fast DDS versions prior to 3.4.1, 3.3.1, and 2.6.11 contain a vulnerability where malicious ParticipantGenericMessage packets can trigger excessive me...

This vulnerability in Fast DDS allows remote attackers to cause a denial-of-service (DoS) by sending specially crafted SPDP packets with modified DATA...

This vulnerability in Fast DDS allows remote attackers to cause a denial of service by triggering an out-of-memory condition. When security mode is en...

An out-of-bounds read vulnerability in Monkey web server's HTTP parser allows attackers to cause denial of service by sending crafted HTTP requests. T...

An out-of-bounds read vulnerability in Monkey web server's mk_mimetype_find function allows attackers to cause denial of service by sending specially ...

This vulnerability allows attackers to cause a Denial of Service (DoS) by sending a specially crafted POST request to the Monkey web server. The out-o...

An out-of-bounds read vulnerability in Monkey web server's memory handling allows attackers to cause denial of service by sending crafted HTTP request...

An out-of-bounds read vulnerability in Monkey web server's mk_vhost_fdt_close function allows attackers to cause denial of service by sending crafted ...

An out-of-bounds read vulnerability in GPAC's GSF demuxer filter allows attackers to cause denial of service by processing a malicious .gsf file. This...

This CVE describes an information disclosure vulnerability in PHP's getimagesize() function where uninitialized heap memory can leak into image metada...

A denial-of-service vulnerability in the omec-project UPF's pfcpiface component allows attackers to crash the UPF process by sending specially crafted...

A denial-of-service vulnerability in the omec-project UPF's pfcpiface component allows attackers to crash the UPF by sending specially crafted PFCP Se...

ImageMagick's TIM image parser contains an integer overflow vulnerability that allows attackers to trigger out-of-bounds memory reads by providing spe...

This vulnerability allows remote attackers to read sensitive information from memory without authentication or user interaction. It affects Android de...

This vulnerability in the BACnet Protocol Stack library allows out-of-bounds memory reads when processing specially crafted BACnet network protocol da...

An out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 allows attackers to read memory beyond intended boundaries by providing a large ...

This vulnerability in WebKitGTK and WPE WebKit allows remote attackers to cause a denial-of-service (DoS) by crashing the UIProcess through a crafted ...

This vulnerability in ThinkPHP 5.0.24 allows attackers to read arbitrary files on the server through crafted template values. It affects any applicati...

This vulnerability allows a remote attacker to read memory outside the intended buffer in Chrome's media component by tricking users into visiting a m...

This vulnerability involves boundary checking bugs in Xen's handling of Viridian hypercalls, allowing out-of-bounds reads and writes. Attackers could ...