CWE-125: Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
All Out-of-bounds Read CVEs (1,715)
This vulnerability allows out-of-bounds heap buffer access in the SIM Proactive Command handler of affected Samsung processors and modems. Attackers c...
Jul 9, 2024

A buffer overflow vulnerability in FreeImage v3.19.0 allows local attackers to execute arbitrary code by exploiting the Load() function when processin...
Mar 20, 2024

This vulnerability allows remote attackers to read memory beyond intended boundaries in Android's SAEMM component, potentially exposing sensitive info...
Mar 11, 2024

This vulnerability in libsaped allows local attackers to trigger out-of-bounds read and write operations through improper input validation in the get_...
Nov 7, 2023

This vulnerability allows attackers to read memory outside the intended buffer bounds when processing APK close session requests in Qualcomm Snapdrago...
Jan 3, 2022

This vulnerability is a buffer over-read in Qualcomm's QVR Service configuration affecting multiple Snapdragon platforms. It allows attackers to read ...
Oct 20, 2021

This vulnerability allows attackers to read or write memory outside intended bounds in VR service due to insufficient validation of DSP selection valu...
Oct 20, 2021

CVE-2024-41125 is an out-of-bounds read vulnerability in Contiki-NG's SNMP module that could allow attackers to read one byte of memory beyond an allo...
Nov 27, 2024

CVE-2025-70298 is an out-of-bounds read vulnerability in GPAC's OGG demuxer that could allow attackers to read sensitive memory contents or cause appl...
Jan 15, 2026

CVE-2025-1675 is an out-of-bounds read vulnerability in the dns_copy_qname function of Zephyr RTOS's DNS implementation. This allows attackers to read...
Feb 25, 2025

CVE-2025-1674 is an out-of-bounds read vulnerability in Zephyr RTOS caused by insufficient input validation of network packets. Attackers can exploit ...
Feb 25, 2025

CVE-2025-1673 is an out-of-bounds read vulnerability in Zephyr RTOS DNS handling that allows a malicious DNS packet without payload to cause denial of...
Feb 25, 2025

This vulnerability allows attackers to crash Ollama servers by uploading a specially crafted GGUF file and triggering a segmentation fault through the...
Oct 31, 2024

This vulnerability in Firefox and Thunderbird involves improper bounds checking in clipboard code, allowing an out-of-bounds read. Attackers could exp...
Jul 9, 2024

This vulnerability in OpenHarmony allows remote attackers to execute arbitrary code in pre-installed applications through out-of-bounds memory operati...
Jul 2, 2024

A buffer overflow vulnerability in Tenda AC18 routers allows attackers to execute arbitrary code by sending specially crafted requests to the formSetP...
May 14, 2024

This vulnerability in Parallels Desktop allows local attackers with high-privileged code execution on a guest VM to escalate privileges to hypervisor ...
Jul 18, 2022

This vulnerability allows attackers to read memory beyond intended boundaries due to improper certificate chain validation in Qualcomm Snapdragon chip...
Jun 14, 2022

This vulnerability allows attackers to read memory beyond intended boundaries during Wi-Fi SSID information element parsing when using DFS channels on...
Apr 1, 2022

CVE-2021-43845 is an out-of-bounds read vulnerability in PJSIP multimedia communication library versions 2.11.1 and earlier. A malicious actor can sen...
Dec 27, 2021

This vulnerability in MediaTek Wi-Fi chips allows attackers to perform out-of-bounds reads via the WPS protocol, potentially leading to information di...
Dec 26, 2021

This vulnerability in MediaTek Wi-Fi chipsets allows attackers to perform out-of-bounds reads via IEEE 1905 protocol handling. It affects NETGEAR and ...
Dec 26, 2021

This vulnerability in MediaTek wireless chipsets allows attackers to perform out-of-bounds reads via mishandled IEEE 1905 protocol packets. It affects...
Dec 26, 2021

CVE-2021-21410 is an out-of-bounds read vulnerability in Contiki-NG's 6LoWPAN packet processing that allows attackers to read beyond allocated memory ...
Jun 18, 2021

CVE-2020-11251 is an out-of-bounds read vulnerability in Qualcomm Snapdragon chipsets that allows attackers to read memory beyond allocated buffers wh...
Apr 7, 2021

A length underflow vulnerability in the BACnet Stack library allows attackers to cause denial-of-service through malformed WriteProperty requests. Thi...
Feb 13, 2026

This heap buffer over-read vulnerability in wolfSSH's wolfSSH_CleanPath() function allows authenticated remote attackers to read one byte beyond alloc...
Jan 6, 2026

This vulnerability in Eclipse OMR's compiler component causes incorrect handling of NUL characters during charset translation on Z processors, leading...
Dec 15, 2025

CVE-2025-48530 is an out-of-bounds memory access vulnerability in Android that could allow remote code execution without user interaction. Attackers c...
Sep 4, 2025

CVE-2025-42976 is a memory corruption vulnerability in SAP NetWeaver Application Server ABAP's BIC Document component that allows authenticated attack...
Aug 12, 2025

This vulnerability in GStreamer's isomp4 plugin allows heap buffer over-read when parsing malicious MP4 files, potentially exposing sensitive memory c...
Aug 7, 2025

This vulnerability in libssh allows an authenticated remote attacker to trigger an out-of-bounds read in the sftp_handle function, potentially exposin...
Jun 24, 2025

A memory corruption vulnerability in Firefox and Thunderbird's XSLT processor could allow attackers to execute arbitrary code or cause denial of servi...
Mar 4, 2025

CVE-2024-41311 is an out-of-bounds read/write vulnerability in Libheif's ImageOverlay::parse() function when processing malicious HEIF files with forg...
Oct 15, 2024

This CVE describes a heap out-of-bounds read vulnerability in USB code that could lead to arbitrary write and remote code execution. It affects FreeBS...
Sep 20, 2024

This vulnerability allows an authenticated attacker to elevate privileges on Windows systems by exploiting a flaw in the Remote Access Connection Mana...
Sep 10, 2024

CVE-2023-52727 is an out-of-bounds read vulnerability in the parseAlignBits function of ONOS onos-lib-go library. This allows attackers to read sensit...
Apr 30, 2024

CVE-2023-48025 is an out-of-bounds read vulnerability in Liblisp's get_length function that could allow attackers to read sensitive memory contents. T...
Nov 17, 2023

This vulnerability allows a remote attacker to perform out-of-bounds memory reads in Chrome's V8 JavaScript engine by tricking users into visiting a m...
Aug 23, 2023

This vulnerability allows a remote attacker to read memory outside the intended bounds in Google Chrome's font processing component. Attackers can exp...
Aug 23, 2023

This vulnerability allows attackers to read memory outside the intended buffer when processing malicious files on macOS systems. It affects macOS Mont...
Jul 27, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected TP-Link routers via a buffer overflow in the WLAN MAC filter manageme...
Jun 7, 2023

CVE-2022-34299 is a heap-based buffer over-read vulnerability in libdwarf 0.4.0's dwarf_global_formref_b function. This allows attackers to read sensi...
Jun 23, 2022

This vulnerability allows a remote attacker to perform out-of-bounds memory reads in Google Chrome's Blink Serial API. Attackers can exploit this via ...
Feb 12, 2022

This vulnerability in TensorFlow's ReverseSequence operation allows heap out-of-bounds reads when processing negative batch_dim values. Attackers coul...
Feb 3, 2022

This vulnerability in TensorFlow's Dequantize operation allows attackers to read past the end of memory arrays by providing invalid axis values, poten...
Feb 3, 2022

This vulnerability in Exiv2 image metadata library allows attackers to read beyond allocated memory boundaries when processing specially crafted Nikon...
Aug 23, 2021

CVE-2021-20024 is an out-of-bounds read vulnerability in SonicWall Switch LLDP protocol handling that allows attackers to cause system instability or ...
Jul 9, 2021

This vulnerability allows an attacker to read memory outside the bounds of a canvas buffer when Firefox renders text with WebRender disabled, potentia...
Jun 24, 2021

This vulnerability is an out-of-bounds read in Google Chrome's networking component that allows a remote attacker who has already compromised the rend...
Jan 8, 2021

About Out-of-bounds Read (CWE-125)
Our database tracks 1,715 CVEs classified as CWE-125, with 150 rated critical and 1,017 rated high severity. The average CVSS score for Out-of-bounds Read vulnerabilities is 7.1.
External reference: CWE-125 on MITRE CWE