CWE-126
AllowedBuffer Over-read
Abstraction: Variant · Status: Draft
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
852 vulnerabilities reference this CWE, most recent first.
GHSA-W36J-HQCC-JVPP
Vulnerability from github – Published: 2024-11-04 12:32 – Updated: 2024-11-04 12:32Transient DOS while processing the CU information from RNR IE.
{
"affected": [],
"aliases": [
"CVE-2024-38405"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-04T10:15:06Z",
"severity": "HIGH"
},
"details": "Transient DOS while processing the CU information from RNR IE.",
"id": "GHSA-w36j-hqcc-jvpp",
"modified": "2024-11-04T12:32:56Z",
"published": "2024-11-04T12:32:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38405"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W3RX-344F-QXWH
Vulnerability from github – Published: 2025-05-06 09:31 – Updated: 2025-05-06 09:31Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
{
"affected": [],
"aliases": [
"CVE-2025-21475"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-06T09:15:24Z",
"severity": "HIGH"
},
"details": "Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.",
"id": "GHSA-w3rx-344f-qxwh",
"modified": "2025-05-06T09:31:34Z",
"published": "2025-05-06T09:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21475"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W4Q4-RW8X-3296
Vulnerability from github – Published: 2025-06-03 06:31 – Updated: 2025-06-03 06:31Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
{
"affected": [],
"aliases": [
"CVE-2024-53026"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-03T06:15:25Z",
"severity": "HIGH"
},
"details": "Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.",
"id": "GHSA-w4q4-rw8x-3296",
"modified": "2025-06-03T06:31:14Z",
"published": "2025-06-03T06:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53026"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-W576-X7C8-W498
Vulnerability from github – Published: 2024-03-12 18:31 – Updated: 2024-03-12 18:31Windows Kernel Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-26176"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-12T17:15:56Z",
"severity": "HIGH"
},
"details": "Windows Kernel Elevation of Privilege Vulnerability",
"id": "GHSA-w576-x7c8-w498",
"modified": "2024-03-12T18:31:14Z",
"published": "2024-03-12T18:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26176"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26176"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W5F5-53HC-VVMX
Vulnerability from github – Published: 2022-05-30 00:00 – Updated: 2022-06-09 00:00Buffer Over-read in GitHub repository vim/vim prior to 8.2.
{
"affected": [],
"aliases": [
"CVE-2022-1927"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-29T14:15:00Z",
"severity": "CRITICAL"
},
"details": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.",
"id": "GHSA-w5f5-53hc-vvmx",
"modified": "2022-06-09T00:00:22Z",
"published": "2022-05-30T00:00:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1927"
},
{
"type": "WEB",
"url": "https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202305-16"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213488"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W66Q-CHX8-5439
Vulnerability from github – Published: 2024-12-02 12:38 – Updated: 2024-12-02 12:38Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
{
"affected": [],
"aliases": [
"CVE-2024-33056"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-02T11:15:08Z",
"severity": "HIGH"
},
"details": "Memory corruption when allocating and accessing an entry in an SMEM partition continuously.",
"id": "GHSA-w66q-chx8-5439",
"modified": "2024-12-02T12:38:27Z",
"published": "2024-12-02T12:38:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33056"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W6XJ-4JX7-P88W
Vulnerability from github – Published: 2025-03-07 18:31 – Updated: 2025-03-07 18:31A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.
{
"affected": [],
"aliases": [
"CVE-2024-12975"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-07T17:15:18Z",
"severity": "LOW"
},
"details": "A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.",
"id": "GHSA-w6xj-4jx7-p88w",
"modified": "2025-03-07T18:31:05Z",
"published": "2025-03-07T18:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12975"
},
{
"type": "WEB",
"url": "https://community.silabs.com/069Vm00000LWXMeIAP"
},
{
"type": "WEB",
"url": "https://github.com/SiliconLabs/simplicity_sdk/releases"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-W77J-CQM5-VGH4
Vulnerability from github – Published: 2026-05-04 18:30 – Updated: 2026-05-04 18:30Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.
{
"affected": [],
"aliases": [
"CVE-2025-47403"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-04T17:16:20Z",
"severity": "MODERATE"
},
"details": "Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.",
"id": "GHSA-w77j-cqm5-vgh4",
"modified": "2026-05-04T18:30:29Z",
"published": "2026-05-04T18:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47403"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W8VW-44WP-QV75
Vulnerability from github – Published: 2023-06-06 09:30 – Updated: 2024-04-04 04:34Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.
{
"affected": [],
"aliases": [
"CVE-2023-21658"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-06T08:15:12Z",
"severity": "HIGH"
},
"details": "Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.",
"id": "GHSA-w8vw-44wp-qv75",
"modified": "2024-04-04T04:34:43Z",
"published": "2023-06-06T09:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21658"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W98Q-7WF3-VG43
Vulnerability from github – Published: 2022-05-02 03:35 – Updated: 2026-05-27 18:31The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
{
"affected": [],
"aliases": [
"CVE-2009-2495"
],
"database_specific": {
"cwe_ids": [
"CWE-126",
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-07-29T17:30:00Z",
"severity": "HIGH"
},
"details": "The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka \"ATL Null String Vulnerability.\"",
"id": "GHSA-w98q-7wf3-vg43",
"modified": "2026-05-27T18:31:31Z",
"published": "2022-05-02T03:35:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2495"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-035"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-060"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6305"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6478"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7573"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=126592505426855\u0026w=2"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/35967"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36374"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36746"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-10.html"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-13.html"
},
{
"type": "WEB",
"url": "http://www.novell.com/support/viewContent.do?externalId=7004997\u0026sliceId=1"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/2034"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.