CWE-126
AllowedBuffer Over-read
Abstraction: Variant · Status: Draft
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
855 vulnerabilities reference this CWE, most recent first.
GHSA-6V7V-J76P-2497
Vulnerability from github – Published: 2023-02-12 06:30 – Updated: 2023-02-21 18:30Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
{
"affected": [],
"aliases": [
"CVE-2022-33306"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-12T04:15:00Z",
"severity": "HIGH"
},
"details": "Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.",
"id": "GHSA-6v7v-j76p-2497",
"modified": "2023-02-21T18:30:19Z",
"published": "2023-02-12T06:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33306"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6X46-2273-XJJF
Vulnerability from github – Published: 2025-05-08 15:31 – Updated: 2025-05-09 18:30Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.
{
"affected": [],
"aliases": [
"CVE-2025-4207"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-08T15:15:48Z",
"severity": "MODERATE"
},
"details": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.",
"id": "GHSA-6x46-2273-xjjf",
"modified": "2025-05-09T18:30:36Z",
"published": "2025-05-08T15:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html"
},
{
"type": "WEB",
"url": "https://www.postgresql.org/support/security/CVE-2025-4207"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/05/09/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6X6M-5PH5-WHRW
Vulnerability from github – Published: 2022-12-06 09:30 – Updated: 2022-12-08 06:30In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
{
"affected": [],
"aliases": [
"CVE-2022-42779"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-06T07:15:00Z",
"severity": "MODERATE"
},
"details": "In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.",
"id": "GHSA-6x6m-5ph5-whrw",
"modified": "2022-12-08T06:30:30Z",
"published": "2022-12-06T09:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42779"
},
{
"type": "WEB",
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-727J-8989-82F7
Vulnerability from github – Published: 2024-08-05 15:30 – Updated: 2024-08-05 15:30Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
{
"affected": [],
"aliases": [
"CVE-2024-33015"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-05T15:15:50Z",
"severity": "HIGH"
},
"details": "Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.",
"id": "GHSA-727j-8989-82f7",
"modified": "2024-08-05T15:30:53Z",
"published": "2024-08-05T15:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33015"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-72R8-34HV-3QJH
Vulnerability from github – Published: 2024-10-07 15:31 – Updated: 2024-10-07 15:31Information disclosure while parsing the multiple MBSSID IEs from the beacon.
{
"affected": [],
"aliases": [
"CVE-2024-33064"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-07T13:15:12Z",
"severity": "HIGH"
},
"details": "Information disclosure while parsing the multiple MBSSID IEs from the beacon.",
"id": "GHSA-72r8-34hv-3qjh",
"modified": "2024-10-07T15:31:39Z",
"published": "2024-10-07T15:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33064"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-7536-9WJX-XGP5
Vulnerability from github – Published: 2025-09-24 18:30 – Updated: 2025-09-24 18:30Information disclosure while running video usecase having rogue firmware.
{
"affected": [],
"aliases": [
"CVE-2025-27033"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-24T16:15:35Z",
"severity": "MODERATE"
},
"details": "Information disclosure while running video usecase having rogue firmware.",
"id": "GHSA-7536-9wjx-xgp5",
"modified": "2025-09-24T18:30:30Z",
"published": "2025-09-24T18:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27033"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-75CG-PP3Q-VRG5
Vulnerability from github – Published: 2026-05-04 18:30 – Updated: 2026-05-04 18:30Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
{
"affected": [],
"aliases": [
"CVE-2025-47406"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-04T17:16:20Z",
"severity": "MODERATE"
},
"details": "Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.",
"id": "GHSA-75cg-pp3q-vrg5",
"modified": "2026-05-04T18:30:30Z",
"published": "2026-05-04T18:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47406"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-75GW-FW7P-53R3
Vulnerability from github – Published: 2023-11-14 18:30 – Updated: 2023-11-14 18:30Information disclosure in WLAN HAL while handling the WMI state info command.
{
"affected": [],
"aliases": [
"CVE-2023-28566"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-07T06:15:09Z",
"severity": "MODERATE"
},
"details": "Information disclosure in WLAN HAL while handling the WMI state info command.",
"id": "GHSA-75gw-fw7p-53r3",
"modified": "2023-11-14T18:30:26Z",
"published": "2023-11-14T18:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28566"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-76J3-5WCX-CQCG
Vulnerability from github – Published: 2026-04-30 09:30 – Updated: 2026-04-30 15:30Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
{
"affected": [],
"aliases": [
"CVE-2026-6532"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-30T07:16:40Z",
"severity": "MODERATE"
},
"details": "Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service",
"id": "GHSA-76j3-5wcx-cqcg",
"modified": "2026-04-30T15:30:39Z",
"published": "2026-04-30T09:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6532"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/issues/21128"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/issues/21129"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/work_items/21129"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2026-29.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-77RQ-3336-8W4X
Vulnerability from github – Published: 2024-11-26 15:31 – Updated: 2024-11-26 15:31An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'
{
"affected": [],
"aliases": [
"CVE-2018-5852"
],
"database_specific": {
"cwe_ids": [
"CWE-126",
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-26T14:15:17Z",
"severity": "HIGH"
},
"details": "An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command \u0027cat /sys/kernel/debug/ipa/ip4_nat\u0027",
"id": "GHSA-77rq-3336-8w4x",
"modified": "2024-11-26T15:31:01Z",
"published": "2024-11-26T15:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5852"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.