CWE-125: Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
All Out-of-bounds Read CVEs (1,952)
This vulnerability in VLC media player allows an out-of-bounds read and denial of service when processing a specially crafted MMS server response. Att...
Jan 16, 2026

This vulnerability in Thunderbird and Firefox allows attackers to trigger undefined behavior through XPath parsing, potentially leading to out-of-boun...
Apr 29, 2025

This vulnerability in the DHCP Client Service allows an attacker to cause a denial of service by sending specially crafted DHCP packets. Systems runni...
Feb 11, 2025

Dell iDRAC Service Module versions 5.3.0.0 and earlier contain an out-of-bounds read vulnerability that could allow a privileged local attacker to exe...
Aug 1, 2024

This vulnerability in EVerest EV charging software allows attackers to crash the process by sending malformed SLIP frames via serial input. It affects...
Jan 21, 2026

This vulnerability allows an unauthorized attacker with physical access to a Windows system to read memory beyond intended boundaries through Windows ...
Jan 13, 2026

EDK2's HashPeImageByType() function has an out-of-bounds read vulnerability when processing corrupted data pointers and lengths from adjacent network ...
Apr 7, 2025

This vulnerability in V5 DA allows an attacker with physical access to read memory beyond intended boundaries, potentially exposing sensitive informat...
Mar 3, 2025

CVE-2025-21215 is a Secure Boot security feature bypass vulnerability that allows attackers with physical access or administrative privileges to bypas...
Jan 14, 2025

CVE-2025-23274 is an out-of-bounds read vulnerability in NVIDIA's nvJPEG library where specially crafted JPEG images with malicious dimensions can tri...
Sep 24, 2025

This vulnerability allows local information disclosure via Bluetooth on Android 13 devices. An attacker with system execution privileges can read memo...
Mar 24, 2023

This memory handling vulnerability in Apple operating systems allows processing malicious files to cause denial-of-service or memory disclosure. It af...
Feb 11, 2026

This vulnerability in NVIDIA Display Driver's video decoder allows attackers to read memory beyond allocated boundaries. It affects Windows and Linux ...
Oct 23, 2025

An out-of-bounds read vulnerability in Intel AMT and Standard Manageability firmware allows privileged users to potentially disclose sensitive informa...
Aug 12, 2025

CVE-2025-21018 is an out-of-bounds read vulnerability in Blockchain Keystore that allows local privileged attackers to read memory beyond allocated bo...
Aug 6, 2025

This CVE describes an out-of-bounds array access vulnerability in the kernel ambient light module due to insufficient data verification. Successful ex...
Aug 6, 2025

A local input validation weakness in the TpmSetup module for legacy Lenovo System x servers allows attackers with elevated privileges to read memory c...
Apr 11, 2025

CVE-2018-9383 is an out-of-bounds read vulnerability in Android's ASN.1 BER decoder that could allow local information disclosure. Attackers need syst...
Jan 17, 2025

CVE-2018-9408 is an out-of-bounds read vulnerability in Android's GPS subsystem that could allow local information disclosure. Attackers with system e...
Dec 5, 2024

This CVE describes an out-of-bounds read vulnerability in cmdq (likely a MediaTek component) that could allow local information disclosure. Attackers ...
Dec 2, 2024

This CVE describes an out-of-bounds read vulnerability in the vdec component of MediaTek chipsets, which could allow local information disclosure. Att...
Nov 4, 2024

This vulnerability in MediaTek's vdec component allows local attackers with system privileges to read memory beyond intended boundaries, potentially e...
Nov 4, 2024

This CVE describes an out-of-bounds read vulnerability in the vdec component of MediaTek chipsets. It allows local information disclosure but requires...
Oct 7, 2024

This vulnerability in MediaTek's m4u component allows an attacker with system privileges to read memory beyond allocated bounds, potentially disclosin...
Oct 7, 2024

An out-of-bounds read vulnerability in the OSCAT Basic Library used in CODESYS PLC systems allows local unprivileged attackers to read limited interna...
Sep 10, 2024

This vulnerability in Samsung Exynos wearable and mobile processors allows attackers to trigger an integer overflow and heap over-read in the slsi_rx_...
Sep 9, 2024

A heap over-read vulnerability in Samsung Exynos mobile and wearable processors allows attackers to read memory beyond allocated buffers. This affects...
Sep 9, 2024

CVE-2024-20085 is an out-of-bounds read vulnerability in MediaTek power management components that could allow local information disclosure. Attackers...
Sep 2, 2024

This CVE describes an out-of-bounds read vulnerability in MediaTek's 'da' component that could allow local information disclosure. Attackers with syst...
Apr 1, 2024

This CVE describes an out-of-bounds read vulnerability in the Android kernel's nan.cpp component. It could allow local information disclosure to attac...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's p2p_iface.cpp that could allow local information disclosure. Attackers with system...
Mar 24, 2023

This CVE describes a heap buffer overflow vulnerability in Android's Flattened Device Tree (FDT) implementation that could allow local information dis...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's dumpstate component that could allow local information disclosure. Attackers with ...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's Bluetooth Low Energy (BLE) scanner component. It allows local information disclosu...
Mar 24, 2023

This vulnerability allows local information disclosure on Android 13 devices through an out-of-bounds read in the p2p_iface.cpp component. Attackers w...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's p2p_iface.cpp that could allow local information disclosure. It affects Android 13...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's p2p_iface.cpp that could allow local information disclosure. It affects Android 13...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's p2p_iface.cpp component. It allows local information disclosure when exploited wit...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's Bluetooth Low Energy (BLE) stack that could allow local information disclosure. It...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's Bluetooth stack that could allow local information disclosure. Attackers with syst...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's Bluetooth subsystem that could allow local information disclosure. Attackers with ...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's Bluetooth Low Energy (BLE) stack that could allow local information disclosure. At...
Mar 24, 2023

This CVE describes an out-of-bounds read vulnerability in Android's p2p_iface.cpp that could allow local information disclosure. It affects Android 13...
Mar 24, 2023

An out-of-bounds read vulnerability in Apple Pages document processing could allow an attacker to cause unexpected termination or disclose process mem...
Jan 28, 2026

This vulnerability is an out-of-bounds read in Windows NDIS (Network Driver Interface Specification) that allows an authorized attacker with physical ...
Jan 13, 2026

An out-of-bounds read vulnerability in libimagecodec.quram.so allows remote attackers to access memory beyond allocated boundaries. This affects Samsu...
Dec 2, 2025

An out-of-bounds read vulnerability in Chrome's V8 JavaScript engine allows remote attackers to potentially exploit heap corruption via malicious HTML...
Nov 14, 2025

This vulnerability in Google Chrome's Dawn component on macOS allows attackers to trigger out-of-bounds memory access via malicious HTML pages. It aff...
Nov 14, 2025

This vulnerability in Microsoft Office Excel involves an untrusted pointer dereference that could allow an attacker to read sensitive memory contents....
Nov 11, 2025

This vulnerability allows a remote attacker to read memory outside the intended buffer boundaries in Chrome's WebXR implementation. Attackers could po...
Nov 10, 2025

About Out-of-bounds Read (CWE-125)
Our database tracks 1,952 CVEs classified as CWE-125, with 215 rated critical and 1,183 rated high severity. The average CVSS score for Out-of-bounds Read vulnerabilities is 7.2.
External reference: View CWE-125 on MITRE CWE →