CWE-126
AllowedBuffer Over-read
Abstraction: Variant · Status: Draft
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
852 vulnerabilities reference this CWE, most recent first.
GHSA-X4R2-QWG8-443R
Vulnerability from github – Published: 2026-04-06 18:33 – Updated: 2026-04-06 18:33Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
{
"affected": [],
"aliases": [
"CVE-2026-21375"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-06T16:16:30Z",
"severity": "HIGH"
},
"details": "Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.",
"id": "GHSA-x4r2-qwg8-443r",
"modified": "2026-04-06T18:33:06Z",
"published": "2026-04-06T18:33:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21375"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X7F5-X9WP-MGQW
Vulnerability from github – Published: 2025-01-06 12:30 – Updated: 2025-01-06 12:30Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.
{
"affected": [],
"aliases": [
"CVE-2024-33061"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-06T11:15:08Z",
"severity": "MODERATE"
},
"details": "Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.",
"id": "GHSA-x7f5-x9wp-mgqw",
"modified": "2025-01-06T12:30:33Z",
"published": "2025-01-06T12:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33061"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-X883-2JFM-R5RM
Vulnerability from github – Published: 2023-09-12 18:30 – Updated: 2023-12-22 00:30Windows Kernel Information Disclosure Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-36803"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-12T17:15:15Z",
"severity": "MODERATE"
},
"details": "Windows Kernel Information Disclosure Vulnerability",
"id": "GHSA-x883-2jfm-r5rm",
"modified": "2023-12-22T00:30:20Z",
"published": "2023-09-12T18:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36803"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36803"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/175109/Microsoft-Windows-Kernel-Out-Of-Bounds-Reads-Memory-Disclosure.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X89P-6RQM-64CC
Vulnerability from github – Published: 2023-11-14 18:30 – Updated: 2023-11-14 18:30Information Disclosure in WLAN Host when processing WMI event command.
{
"affected": [],
"aliases": [
"CVE-2023-28553"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-07T06:15:08Z",
"severity": "MODERATE"
},
"details": "Information Disclosure in WLAN Host when processing WMI event command.",
"id": "GHSA-x89p-6rqm-64cc",
"modified": "2023-11-14T18:30:25Z",
"published": "2023-11-14T18:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28553"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X8M4-FR4X-C3J5
Vulnerability from github – Published: 2024-09-02 12:30 – Updated: 2024-09-02 12:30Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).
{
"affected": [],
"aliases": [
"CVE-2024-23364"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-02T12:15:15Z",
"severity": "HIGH"
},
"details": "Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).",
"id": "GHSA-x8m4-fr4x-c3j5",
"modified": "2024-09-02T12:30:44Z",
"published": "2024-09-02T12:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23364"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XCF7-RVMH-G6Q4
Vulnerability from github – Published: 2023-06-21 22:07 – Updated: 2025-07-28 15:55When this function was passed an empty string, openssl would attempt to call strlen on it, reading arbitrary memory until it reached a NUL byte.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "openssl"
},
"ranges": [
{
"events": [
{
"introduced": "0.10.0"
},
{
"fixed": "0.10.55"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-53159"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": true,
"github_reviewed_at": "2023-06-21T22:07:52Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "When this function was passed an empty string, `openssl` would attempt to call `strlen` on it, reading arbitrary memory until it reached a NUL byte.",
"id": "GHSA-xcf7-rvmh-g6q4",
"modified": "2025-07-28T15:55:01Z",
"published": "2023-06-21T22:07:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53159"
},
{
"type": "WEB",
"url": "https://github.com/sfackler/rust-openssl/issues/1965"
},
{
"type": "WEB",
"url": "https://github.com/sfackler/rust-openssl/pull/1968"
},
{
"type": "PACKAGE",
"url": "https://github.com/sfackler/rust-openssl"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2023-0044.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "`openssl` `X509VerifyParamRef::set_host` buffer over-read"
}
GHSA-XCPX-H22F-M42V
Vulnerability from github – Published: 2024-02-07 18:30 – Updated: 2024-02-15 18:30A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software and consuming available system resources.
For a description of this vulnerability, see the ClamAV blog .
{
"affected": [],
"aliases": [
"CVE-2024-20290"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-07T17:15:10Z",
"severity": "HIGH"
},
"details": "A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\n\n This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software and consuming available system resources.\n\n For a description of this vulnerability, see the ClamAV blog .",
"id": "GHSA-xcpx-h22f-m42v",
"modified": "2024-02-15T18:30:40Z",
"published": "2024-02-07T18:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20290"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FXZYVDNV66RNMNVJOHAJAYRZV4U64CQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MUDUPAHAAV6FPB2C2QIQCFJ4SHYBOTY"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-hDffu6t"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XG3M-85R2-236X
Vulnerability from github – Published: 2025-12-01 15:30 – Updated: 2025-12-01 21:30Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses
{
"affected": [],
"aliases": [
"CVE-2025-12106"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-01T13:16:00Z",
"severity": "CRITICAL"
},
"details": "Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses",
"id": "GHSA-xg3m-85r2-236x",
"modified": "2025-12-01T21:30:25Z",
"published": "2025-12-01T15:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12106"
},
{
"type": "WEB",
"url": "https://community.openvpn.net/Security%20Announcements/CVE-2025-12106"
},
{
"type": "WEB",
"url": "https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00152.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XH73-WW8F-499F
Vulnerability from github – Published: 2024-08-05 15:30 – Updated: 2024-08-05 15:30Transient DOS during music playback of ALAC content.
{
"affected": [],
"aliases": [
"CVE-2024-21479"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-05T15:15:45Z",
"severity": "HIGH"
},
"details": "Transient DOS during music playback of ALAC content.",
"id": "GHSA-xh73-ww8f-499f",
"modified": "2024-08-05T15:30:53Z",
"published": "2024-08-05T15:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21479"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XHC7-32VM-6C85
Vulnerability from github – Published: 2023-04-13 09:30 – Updated: 2024-04-04 03:26Information disclosure in modem due to improper check of IP type while processing DNS server query
{
"affected": [],
"aliases": [
"CVE-2022-25730"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-13T07:15:00Z",
"severity": "HIGH"
},
"details": "Information disclosure in modem due to improper check of IP type while processing DNS server query",
"id": "GHSA-xhc7-32vm-6c85",
"modified": "2024-04-04T03:26:59Z",
"published": "2023-04-13T09:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25730"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.