CWE-126
AllowedBuffer Over-read
Abstraction: Variant · Status: Draft
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
853 vulnerabilities reference this CWE, most recent first.
GHSA-9XQV-VX9R-6F38
Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-10-08 00:00A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13197)
{
"affected": [],
"aliases": [
"CVE-2021-34302"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126",
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-13T11:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in JT2Go (All versions \u003c V13.2), Teamcenter Visualization (All versions \u003c V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13197)",
"id": "GHSA-9xqv-vx9r-6f38",
"modified": "2022-10-08T00:00:17Z",
"published": "2022-05-24T19:07:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34302"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-847"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C25G-PGW4-RQFG
Vulnerability from github – Published: 2024-06-03 12:30 – Updated: 2024-06-03 12:30Information disclosure while handling T2LM Action Frame in WLAN Host.
{
"affected": [],
"aliases": [
"CVE-2023-43537"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-03T10:15:09Z",
"severity": "MODERATE"
},
"details": "Information disclosure while handling T2LM Action Frame in WLAN Host.",
"id": "GHSA-c25g-pgw4-rqfg",
"modified": "2024-06-03T12:30:38Z",
"published": "2024-06-03T12:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43537"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-C28F-6HFG-FFCC
Vulnerability from github – Published: 2025-02-03 18:30 – Updated: 2025-02-03 18:30Information disclosure during audio playback.
{
"affected": [],
"aliases": [
"CVE-2024-38416"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-03T17:15:17Z",
"severity": "MODERATE"
},
"details": "Information disclosure during audio playback.",
"id": "GHSA-c28f-6hfg-ffcc",
"modified": "2025-02-03T18:30:41Z",
"published": "2025-02-03T18:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38416"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-C44G-2JV9-3436
Vulnerability from github – Published: 2024-01-02 06:30 – Updated: 2024-01-02 06:30Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.
{
"affected": [],
"aliases": [
"CVE-2023-33112"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-02T06:15:11Z",
"severity": "HIGH"
},
"details": "Transient DOS when WLAN firmware receives \"reassoc response\" frame including RIC_DATA element.",
"id": "GHSA-c44g-2jv9-3436",
"modified": "2024-01-02T06:30:31Z",
"published": "2024-01-02T06:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33112"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C53G-CP64-5XH5
Vulnerability from github – Published: 2025-10-09 06:30 – Updated: 2025-10-09 06:30Transient DOS while processing video packets received from video firmware.
{
"affected": [],
"aliases": [
"CVE-2025-27041"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-09T04:16:36Z",
"severity": "MODERATE"
},
"details": "Transient DOS while processing video packets received from video firmware.",
"id": "GHSA-c53g-cp64-5xh5",
"modified": "2025-10-09T06:30:24Z",
"published": "2025-10-09T06:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27041"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C6GG-Q5F6-74FH
Vulnerability from github – Published: 2023-04-12 21:30 – Updated: 2024-04-04 03:25On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
{
"affected": [],
"aliases": [
"CVE-2023-24513"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-12T20:15:00Z",
"severity": "HIGH"
},
"details": "On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.",
"id": "GHSA-c6gg-q5f6-74fh",
"modified": "2024-04-04T03:25:40Z",
"published": "2023-04-12T21:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24513"
},
{
"type": "WEB",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17240-security-advisory-0085"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C8WW-P8QH-GJR8
Vulnerability from github – Published: 2025-04-07 12:33 – Updated: 2025-04-07 12:33Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.
{
"affected": [],
"aliases": [
"CVE-2025-21430"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-07T11:15:51Z",
"severity": "HIGH"
},
"details": "Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.",
"id": "GHSA-c8ww-p8qh-gjr8",
"modified": "2025-04-07T12:33:19Z",
"published": "2025-04-07T12:33:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21430"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C98F-FQ4V-V6R3
Vulnerability from github – Published: 2025-05-06 09:31 – Updated: 2025-05-06 09:31Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.
{
"affected": [],
"aliases": [
"CVE-2024-49847"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-06T09:15:22Z",
"severity": "HIGH"
},
"details": "Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.",
"id": "GHSA-c98f-fq4v-v6r3",
"modified": "2025-05-06T09:31:33Z",
"published": "2025-05-06T09:31:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49847"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CF88-F3CC-2R22
Vulnerability from github – Published: 2025-01-06 12:30 – Updated: 2025-01-06 12:30Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend.
{
"affected": [],
"aliases": [
"CVE-2024-45559"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-06T11:15:10Z",
"severity": "MODERATE"
},
"details": "Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend.",
"id": "GHSA-cf88-f3cc-2r22",
"modified": "2025-01-06T12:30:33Z",
"published": "2025-01-06T12:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45559"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CFCV-VWXF-FG7X
Vulnerability from github – Published: 2023-07-14 09:30 – Updated: 2025-11-04 00:30iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file
{
"affected": [],
"aliases": [
"CVE-2023-3649"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-14T07:15:08Z",
"severity": "MODERATE"
},
"details": "iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file",
"id": "GHSA-cfcv-vwxf-fg7x",
"modified": "2025-11-04T00:30:38Z",
"published": "2023-07-14T09:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3649"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19164"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2023-22.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.