CWE-126
AllowedBuffer Over-read
Abstraction: Variant · Status: Draft
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
855 vulnerabilities reference this CWE, most recent first.
GHSA-78J8-W6RH-444W
Vulnerability from github – Published: 2026-04-06 18:33 – Updated: 2026-04-06 18:33Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
{
"affected": [],
"aliases": [
"CVE-2026-21367"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-06T16:16:29Z",
"severity": "HIGH"
},
"details": "Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.",
"id": "GHSA-78j8-w6rh-444w",
"modified": "2026-04-06T18:33:05Z",
"published": "2026-04-06T18:33:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21367"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-78M6-6G3F-HQW3
Vulnerability from github – Published: 2025-02-03 18:30 – Updated: 2025-02-03 18:30Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.
{
"affected": [],
"aliases": [
"CVE-2024-38404"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-03T17:15:16Z",
"severity": "HIGH"
},
"details": "Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.",
"id": "GHSA-78m6-6g3f-hqw3",
"modified": "2025-02-03T18:30:41Z",
"published": "2025-02-03T18:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38404"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-796H-99FJ-C83R
Vulnerability from github – Published: 2026-07-14 18:31 – Updated: 2026-07-14 18:31A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions may allow an authenticated remote attacker to return a portion of device memory in the redirect response via submitting a specially crafted request.
{
"affected": [],
"aliases": [
"CVE-2025-43892"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T16:16:42Z",
"severity": "MODERATE"
},
"details": "A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions may allow an authenticated remote attacker to return a portion of device memory in the redirect response via submitting a specially crafted request.",
"id": "GHSA-796h-99fj-c83r",
"modified": "2026-07-14T18:31:54Z",
"published": "2026-07-14T18:31:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43892"
},
{
"type": "WEB",
"url": "https://fortiguard.fortinet.com/psirt/#5944"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-79MW-JMC6-QMGJ
Vulnerability from github – Published: 2024-11-12 18:30 – Updated: 2024-11-12 18:30Microsoft Office Graphics Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-49031"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-12T18:15:43Z",
"severity": "HIGH"
},
"details": "Microsoft Office Graphics Remote Code Execution Vulnerability",
"id": "GHSA-79mw-jmc6-qmgj",
"modified": "2024-11-12T18:30:59Z",
"published": "2024-11-12T18:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49031"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49031"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7CH4-4CX7-V494
Vulnerability from github – Published: 2024-10-07 15:31 – Updated: 2024-10-07 15:31Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
{
"affected": [],
"aliases": [
"CVE-2024-33073"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-07T13:15:13Z",
"severity": "HIGH"
},
"details": "Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.",
"id": "GHSA-7ch4-4cx7-v494",
"modified": "2024-10-07T15:31:39Z",
"published": "2024-10-07T15:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33073"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-7F4R-2CQ6-J835
Vulnerability from github – Published: 2024-07-01 15:32 – Updated: 2024-07-01 15:32Information Disclosure while parsing beacon frame in STA.
{
"affected": [],
"aliases": [
"CVE-2024-21456"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-01T15:15:13Z",
"severity": "MODERATE"
},
"details": "Information Disclosure while parsing beacon frame in STA.",
"id": "GHSA-7f4r-2cq6-j835",
"modified": "2024-07-01T15:32:38Z",
"published": "2024-07-01T15:32:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21456"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-7H7X-QP7X-X7V9
Vulnerability from github – Published: 2022-12-06 09:30 – Updated: 2022-12-07 15:30In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
{
"affected": [],
"aliases": [
"CVE-2022-42759"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-06T07:15:00Z",
"severity": "MODERATE"
},
"details": "In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.",
"id": "GHSA-7h7x-qp7x-x7v9",
"modified": "2022-12-07T15:30:29Z",
"published": "2022-12-06T09:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42759"
},
{
"type": "WEB",
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7Q27-3V2R-CCJ9
Vulnerability from github – Published: 2025-01-06 12:30 – Updated: 2025-01-06 12:30Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.
{
"affected": [],
"aliases": [
"CVE-2024-33067"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-06T11:15:08Z",
"severity": "MODERATE"
},
"details": "Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.",
"id": "GHSA-7q27-3v2r-ccj9",
"modified": "2025-01-06T12:30:33Z",
"published": "2025-01-06T12:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33067"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-7V7G-38MV-3237
Vulnerability from github – Published: 2024-02-20 15:31 – Updated: 2024-02-20 15:31A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet.
{
"affected": [],
"aliases": [
"CVE-2023-39540"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-20T15:15:08Z",
"severity": "MODERATE"
},
"details": "A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet.",
"id": "GHSA-7v7g-38mv-3237",
"modified": "2024-02-20T15:31:05Z",
"published": "2024-02-20T15:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39540"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1828"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1828"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7VM6-25CV-9XXX
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Buffer over-read in Windows Overlay Filter allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2026-50435"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T18:17:47Z",
"severity": "HIGH"
},
"details": "Buffer over-read in Windows Overlay Filter allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-7vm6-25cv-9xxx",
"modified": "2026-07-14T18:32:23Z",
"published": "2026-07-14T18:32:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50435"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50435"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.