CWE-125: Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
All Out-of-bounds Read CVEs (1,691)
This vulnerability in Ethernut's DNS implementation allows attackers to send malformed DNS packets that trigger memory corruption. Successful exploita...
Dec 11, 2020

CVE-2019-8746 is a critical out-of-bounds read vulnerability in multiple Apple products that allows remote attackers to cause application crashes or e...
Oct 27, 2020

CVE-2019-8547 is an out-of-bounds read vulnerability in Apple operating systems that allows remote attackers to leak kernel memory. This could expose ...
Oct 27, 2020

CVE-2019-8581 is an out-of-bounds read vulnerability in Apple AirPort Base Station firmware that allows remote attackers to leak memory contents. This...
Oct 27, 2020

CVE-2020-9918 is a critical kernel vulnerability in Apple operating systems that allows remote attackers to read beyond allocated memory boundaries. T...
Oct 16, 2020

This vulnerability in Noise-Java allows out-of-bounds memory access in the ChaChaPolyCipherState.encryptWithAd() function due to insufficient boundary...
Sep 4, 2020

This vulnerability in Noise-Java allows out-of-bounds memory access in the AESGCMOnCtrCipherState.encryptWithAd() function due to insufficient boundar...
Sep 4, 2020

An unauthenticated attacker within Z-Wave range can exploit a stack buffer overflow in SiLabs Unify Gateway versions 1.3.1 and earlier to execute arbi...
Jun 21, 2023

This vulnerability allows an unauthorized attacker to perform an out-of-bounds read in Application Gateway, potentially leading to privilege escalatio...
Nov 26, 2025

This vulnerability allows attackers to bypass TrustZone memory isolation in Silicon Labs Gecko SDK, enabling unauthorized access to trusted memory reg...
Jan 2, 2024

This vulnerability allows a remote attacker who has already compromised Chrome's renderer process to potentially escape the browser sandbox via a craf...
Jul 28, 2022

This vulnerability allows a remote attacker to read memory outside the intended buffer in Chrome's media component by tricking a user into visiting a ...
Feb 23, 2026

CVE-2026-25139 is an out-of-bounds read vulnerability in RIOT OS's 6LoWPAN stack that allows unauthenticated attackers to read adjacent memory or cras...
Feb 4, 2026

A heap out-of-bounds read vulnerability in FreeRDP's smartcard SetAttrib path allows attackers to read memory beyond allocated buffers. This affects F...
Jan 14, 2026

This CVE describes a global buffer overflow vulnerability in FreeRDP's Base64 decoding implementation. On Arm/AArch64 architectures, signedness issues...
Jan 14, 2026

This vulnerability in FreeRDP allows remote attackers to cause an out-of-bounds read by sending specially crafted MSUSB_INTERFACE_DESCRIPTOR values. T...
Jan 14, 2026

This vulnerability in FreeRDP allows attackers to cause heap-based out-of-bounds memory reads by controlling hostnames in certificate cache filenames....
Dec 17, 2025

An out-of-bounds read vulnerability in AzeoTech DAQFactory allows attackers to read memory beyond allocated buffers, potentially exposing sensitive in...
Dec 11, 2025

This vulnerability in ESP-IDF Bluetooth stack allows an attacker to trigger an out-of-bounds read by sending a malformed VENDOR DEPENDENT command when...
Dec 2, 2025

An out-of-bounds read vulnerability in Monkey's Audio 11.31 allows attackers to read beyond allocated memory boundaries when processing UTF-8 strings....
Oct 28, 2025

This vulnerability allows attackers to read memory beyond allocated boundaries in USBX's audio class parsing function. It affects systems using Eclips...
Oct 17, 2025

This vulnerability is an out-of-bounds read in the stack-overflow handler of LuaJIT, which could allow attackers to read sensitive memory contents or ...
Jul 7, 2025

An out-of-bounds read vulnerability in Samsung's rLottie animation library (version 0.2) allows attackers to read memory beyond allocated buffers. Thi...
Jun 30, 2025

An out-of-bounds read vulnerability in COROS PACE 3 devices allows attackers to cause denial of service by sending crafted BLE messages that force dev...
Jun 20, 2025

A memory corruption vulnerability in libxml2 allows attackers to craft malicious XML files containing specific sch:name elements. This can cause libxm...
Jun 16, 2025

A memory corruption vulnerability in Samsung Exynos processors allows attackers to perform out-of-bounds reads via malformed NAS packets. This affects...
May 14, 2025

An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea allows attackers to read arbitrary files, make server-side request forgery...
Jan 7, 2025

This CVE describes an out-of-bounds read vulnerability in GStreamer's subtitle parsing function. Attackers could exploit this to read sensitive memory...
Dec 12, 2024

CVE-2024-47776 is an out-of-bounds read vulnerability in GStreamer's WAV file parser that occurs when processing malformed CUE chunks. This allows att...
Dec 12, 2024

This CVE describes an out-of-bounds read vulnerability in GStreamer's qtdemux component when parsing MP4 files. Attackers can craft malicious MP4 file...
Dec 12, 2024

This CVE describes an out-of-bounds read vulnerability in GStreamer's audio channel discovery function. Attackers can trigger memory corruption by pro...
Dec 12, 2024

This vulnerability in MIT Kerberos 5 allows attackers to trigger invalid memory reads by sending specially crafted GSS message tokens with invalid len...
Jun 28, 2024

This OpenSSL vulnerability allows up to 255 bytes of arbitrary private memory data to be sent to a peer when SSL_select_next_proto is called with an e...
Jun 27, 2024

This vulnerability in Libarchive allows out-of-bounds memory access when processing ZIP archives with empty filenames and macOS extended attributes en...
Jun 8, 2024

CVE-2024-24192 is a heap overflow vulnerability in robdns that occurs when processing zone files. Attackers can exploit this to execute arbitrary code...
Jun 6, 2024

CVE-2024-22949 is a disputed vulnerability in JFreeChart v1.5.4 where a NullPointerException occurs in the CategoryLineAnnotation component, potential...
Apr 8, 2024

CVE-2022-48623 is an out-of-bounds read vulnerability in Cpanel::JSON::XS Perl package versions before 4.33. Attackers can exploit this to read sensit...
Feb 13, 2024

This is a macOS kernel vulnerability where improper bounds checking allows attackers to read kernel memory or cause system crashes. It affects macOS s...
Sep 27, 2023

CVE-2023-41359 is an out-of-bounds read vulnerability in FRRouting FRR's BGP daemon that occurs during AIGP attribute validation. Attackers could expl...
Aug 29, 2023

This vulnerability in the Linux kernel's ksmbd SMB server allows attackers to read memory beyond allocated buffers when processing SMB2 create context...
Jul 18, 2023

This vulnerability in the Linux kernel's ksmbd SMB server allows attackers to read memory beyond intended boundaries by exploiting improper validation...
Jul 18, 2023

This vulnerability in the Linux kernel's ksmbd SMB server allows attackers to trigger an out-of-bounds read by sending specially crafted SMB requests ...
Jul 18, 2023

This vulnerability in the Linux kernel's ksmbd SMB server allows attackers to trigger an out-of-bounds read by sending specially crafted SMB packets w...
Jul 18, 2023

CVE-2023-37240 is an out-of-bounds read vulnerability in Huawei's distributed file system caused by missing input length verification. Successful expl...
Jul 6, 2023

This vulnerability in Fortra Globalscape EFT administration server allows attackers to read memory outside allocated bounds, potentially causing servi...
Jun 22, 2023

This vulnerability is an out-of-bounds read in the GPAC multimedia framework that could allow attackers to read sensitive memory contents or cause den...
May 22, 2023

CVE-2022-48312 is an out-of-bounds read/write vulnerability in Huawei's HwPCAssistant module that could allow attackers to read or modify memory conte...
Apr 16, 2023

CVE-2022-34029 is an out-of-bounds read vulnerability in Nginx NJS (JavaScript engine) that could allow attackers to read sensitive memory contents or...
Jul 18, 2022

This vulnerability in Mbed TLS allows unauthenticated attackers to send specially crafted DTLS ClientHello messages to servers with specific configura...
Jul 15, 2022

CVE-2022-1899 is an out-of-bounds read vulnerability in radare2, a popular reverse engineering framework. This vulnerability allows attackers to read ...
May 26, 2022

About Out-of-bounds Read (CWE-125)
Our database tracks 1,691 CVEs classified as CWE-125, with 145 rated critical and 998 rated high severity. The average CVSS score for Out-of-bounds Read vulnerabilities is 7.1.
External reference: View CWE-125 on MITRE CWE →