CWE-125: Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
All Out-of-bounds Read CVEs (1,859)
This vulnerability involves boundary checking bugs in Xen's handling of Viridian hypercalls, allowing out-of-bounds reads and writes. Attackers could ...
Oct 31, 2025

This vulnerability in NetX Duo's HTTP client module allows a malicious server response to trigger undefined behavior through improper bounds checking...
Oct 17, 2025

This vulnerability in NetX Duo's ICMPv6 packet processing allows attackers to read memory beyond intended boundaries when handling specially crafted I...
Oct 17, 2025

This vulnerability in NetX Duo's SNMP addon allows attackers to trigger an out-of-bounds read via specially crafted SNMPv3 security parameters. This ...
Oct 17, 2025

This vulnerability allows attackers to cause denial of service by sending undisclosed traffic to F5 BIG-IP systems with specific DTLS configurations. ...
Oct 15, 2025

This vulnerability allows attackers to cause denial of service by sending specific traffic to BIG-IP APM systems with OAuth access profiles configured...
Oct 15, 2025

This OpenSSL vulnerability allows attackers to trigger out-of-bounds memory operations when applications decrypt CMS messages using password-based enc...
Sep 30, 2025

This vulnerability in libsoup's cookie date handling allows out-of-bounds memory reads when processing maliciously crafted cookie expiration dates. It...
Sep 26, 2025

This vulnerability allows an unauthorized attacker to trigger an out-of-bounds read in Windows Internet Information Services (IIS) through network acc...
Sep 9, 2025

An out-of-bounds read vulnerability in the User Management Component (UMC) of SIMATIC PCS neo industrial control systems allows unauthenticated remote...
Sep 9, 2025

This vulnerability involves out-of-bounds reads in Malwarebytes string detection utilities that can cause system crashes. It affects Malwarebytes cons...
Aug 14, 2025

A segmentation fault vulnerability in NanoMQ v0.21.10 allows attackers to cause Denial of Service (DoS) by sending specially crafted messages. This af...
Jul 14, 2025

CVE-2025-5777 (CitrixBleed 2) is a memory disclosure vulnerability in Citrix NetScaler ADC and Gateway appliances. Insufficient input validation allow...
Jun 17, 2025

An out-of-bounds read vulnerability in Microsoft Web Threat Defense (WTD.sys) allows unauthorized attackers to cause denial of service over a network....
May 13, 2025

An out-of-bounds read buffer overflow vulnerability in Siemens' User Management Component (UMC) affects multiple industrial automation products. This ...
May 13, 2025

An out-of-bounds read buffer overflow vulnerability in Siemens industrial automation products allows unauthenticated remote attackers to cause denial ...
May 13, 2025

An out-of-bounds read vulnerability in libsoup's soup_headers_parse_request() function allows attackers to crash HTTP servers via specially crafted HT...
Apr 14, 2025

A vulnerability in Ollama versions up to 0.3.14 allows attackers to upload specially crafted gguf model files that cause an out-of-bounds read, crashi...
Mar 20, 2025

This vulnerability allows attackers to send malformed messages through the Wi-Fi driver to Samsung Exynos processors, causing out-of-bounds memory acc...
Mar 6, 2025

This vulnerability in F5 BIG-IP systems allows attackers to cause Traffic Management Microkernel (TMM) termination by sending specific requests to vir...
Feb 5, 2025

This vulnerability allows remote attackers to trigger out-of-bounds memory access in Chrome's V8 JavaScript engine, potentially leading to heap corrup...
Jan 22, 2025

A buffer overflow vulnerability in Magma's decode_protocol_configuration_options function allows attackers to cause Denial of Service (DoS) via crafte...
Jan 21, 2025

An out-of-bounds read vulnerability in FortiOS IPsec IKE service allows unauthenticated remote attackers to trigger memory consumption leading to deni...
Jan 14, 2025

An out-of-bounds read vulnerability in Juniper Junos OS and Junos OS Evolved routing protocol daemon (rpd) allows unauthenticated attackers to crash t...
Jan 9, 2025

This vulnerability allows a remote attacker to obtain sensitive information, specifically the admin password, via the password parameter on the change...
Jan 6, 2025

This vulnerability in multiple Netis router models allows remote attackers to access sensitive information through specific endpoints and binaries. Af...
Jan 6, 2025

This vulnerability in Android's SMS utilities allows remote attackers to read memory beyond intended boundaries without user interaction, potentially ...
Jan 3, 2025

This CVE describes an out-of-bounds read vulnerability in GStreamer's WAV file parser that occurs when processing malformed ADTL chunks. Attackers can...
Dec 12, 2024

This vulnerability in GStreamer's QuickTime demuxer allows an out-of-bounds read when processing specially crafted media files. Attackers could exploi...
Dec 12, 2024

A null pointer dereference vulnerability in GStreamer's matroska demuxer can cause application crashes when processing specially crafted media files. ...
Dec 12, 2024

This CVE describes an out-of-bounds read vulnerability in GStreamer's qtdemux component that occurs when parsing malformed media containers. Attackers...
Dec 12, 2024

An out-of-bounds read vulnerability in the IPsec implementation of Ivanti Connect Secure allows remote unauthenticated attackers to cause denial of se...
Dec 12, 2024

RAGFlow 0.13.0 has an improper access control vulnerability in document-hooks.ts that allows unauthenticated attackers to access user documents. This ...
Dec 9, 2024

This vulnerability in MediaTek wlan drivers allows remote attackers to read memory beyond intended boundaries without authentication or user interacti...
Dec 2, 2024

This CVE describes an out-of-bounds read vulnerability in MediaTek telephony components that could allow remote denial of service attacks. The vulnera...
Dec 2, 2024

This CVE describes an out-of-bounds read vulnerability in Telephony components that could allow remote attackers to cause denial of service without us...
Dec 2, 2024

This CVE describes an out-of-bounds read vulnerability in MediaTek telephony components that could allow remote denial of service attacks without user...
Dec 2, 2024

CVE-2024-45520 is a memory corruption vulnerability in WithSecure Atlant (formerly F-Secure Atlant) that allows remote attackers to cause denial of se...
Dec 1, 2024

Zulip versions 8.0 through 8.3 contain a memory leak vulnerability in popover handling that allows attackers to gradually exhaust server memory throug...
Nov 29, 2024

This CVE describes an out-of-bounds read vulnerability in Apache NimBLE's Bluetooth stack. It allows reading beyond allocated memory boundaries when p...
Nov 26, 2024

An out-of-bounds read vulnerability in Sharp and Toshiba Tec multifunction printers could allow attackers to cause denial-of-service conditions by sen...
Nov 26, 2024

CVE-2018-9484 is an out-of-bounds read vulnerability in Android's Bluetooth stack that allows remote attackers to read memory contents without authent...
Nov 20, 2024

CVE-2018-9456 is an out-of-bounds read vulnerability in Android's Bluetooth SDP (Service Discovery Protocol) implementation that could allow remote at...
Nov 19, 2024

CVE-2023-39179 is an out-of-bounds read vulnerability in the Linux kernel's ksmbd SMB2 module that allows attackers to read sensitive kernel memory. T...
Nov 18, 2024

This vulnerability allows remote unauthenticated attackers to trigger an out-of-bounds write in the IPsec component of Ivanti Connect Secure, potentia...
Nov 13, 2024

Sharp and Toshiba Tec multifunction printers (MFPs) contain out-of-bounds read vulnerabilities in their web interfaces. Attackers can crash affected d...
Oct 25, 2024

This vulnerability in Windows Network Address Translation (NAT) allows attackers to cause a denial of service condition by sending specially crafted n...
Oct 8, 2024

NASA CryptoLib v1.3.0 contains an out-of-bounds read vulnerability in the TM subsystem (crypto_tm.c) that could allow attackers to read sensitive memo...
Sep 27, 2024

CVE-2024-44910 is an out-of-bounds read vulnerability in NASA CryptoLib v1.3.0's AOS subsystem that could allow attackers to read sensitive memory con...
Sep 27, 2024

An out-of-bounds read vulnerability in OpenPLC Runtime's EtherNet/IP PCCC parser allows attackers to cause denial of service via specially crafted net...
Sep 18, 2024

About Out-of-bounds Read (CWE-125)
Our database tracks 1,859 CVEs classified as CWE-125, with 198 rated critical and 1,113 rated high severity. The average CVSS score for Out-of-bounds Read vulnerabilities is 7.2.