Common Weakness Enumeration

CWE-126

Allowed

Buffer Over-read

Abstraction: Variant · Status: Draft

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

852 vulnerabilities reference this CWE, most recent first.

GHSA-J5HH-F9RM-FX9X

Vulnerability from github – Published: 2023-03-10 21:30 – Updated: 2023-03-16 18:30
VLAI
Details

Transient DOS due to buffer over-read in WLAN while sending a packet to device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-40535"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-10T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS due to buffer over-read in WLAN while sending a packet to device.",
  "id": "GHSA-j5hh-f9rm-fx9x",
  "modified": "2023-03-16T18:30:29Z",
  "published": "2023-03-10T21:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40535"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J5R8-F5XJ-3H83

Vulnerability from github – Published: 2024-03-04 12:31 – Updated: 2024-03-04 12:31
VLAI
Details

Transient DOS while processing channel information for speaker protection v2 module in ADSP.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-33090"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-04T11:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Transient DOS while processing channel information for speaker protection v2 module in ADSP.",
  "id": "GHSA-j5r8-f5xj-3h83",
  "modified": "2024-03-04T12:31:10Z",
  "published": "2024-03-04T12:31:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33090"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J6JJ-54CR-3F4V

Vulnerability from github – Published: 2025-07-08 18:31 – Updated: 2025-07-08 18:31
VLAI
Details

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-47973"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-08T17:15:37Z",
    "severity": "HIGH"
  },
  "details": "Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.",
  "id": "GHSA-j6jj-54cr-3f4v",
  "modified": "2025-07-08T18:31:44Z",
  "published": "2025-07-08T18:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47973"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47973"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J7MC-P6QR-W5W5

Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30
VLAI
Details

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-62473"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-09T18:15:59Z",
    "severity": "MODERATE"
  },
  "details": "Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.",
  "id": "GHSA-j7mc-p6qr-w5w5",
  "modified": "2025-12-09T18:30:46Z",
  "published": "2025-12-09T18:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62473"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62473"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JC9X-PXC5-CQ7F

Vulnerability from github – Published: 2025-04-08 18:34 – Updated: 2025-04-08 18:34
VLAI
Details

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21203"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-08T18:15:45Z",
    "severity": "MODERATE"
  },
  "details": "Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.",
  "id": "GHSA-jc9x-pxc5-cq7f",
  "modified": "2025-04-08T18:34:44Z",
  "published": "2025-04-08T18:34:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21203"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21203"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JCJW-FRM7-94F5

Vulnerability from github – Published: 2024-11-12 18:30 – Updated: 2024-11-12 18:30
VLAI
Details

A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9843"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-12T17:15:11Z",
    "severity": "MODERATE"
  },
  "details": "A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.",
  "id": "GHSA-jcjw-frm7-94f5",
  "modified": "2024-11-12T18:30:57Z",
  "published": "2024-11-12T18:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9843"
    },
    {
      "type": "WEB",
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JF35-V6MP-XVP9

Vulnerability from github – Published: 2024-08-05 15:30 – Updated: 2024-08-05 15:30
VLAI
Details

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-33018"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-05T15:15:50Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.",
  "id": "GHSA-jf35-v6mp-xvp9",
  "modified": "2024-08-05T15:30:53Z",
  "published": "2024-08-05T15:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33018"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JGM2-W45W-592C

Vulnerability from github – Published: 2023-11-09 00:33 – Updated: 2023-11-09 00:33
VLAI
Details

A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-43572"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-08T23:15:08Z",
    "severity": "MODERATE"
  },
  "details": "A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.\n\n",
  "id": "GHSA-jgm2-w45w-592c",
  "modified": "2023-11-09T00:33:56Z",
  "published": "2023-11-09T00:33:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43572"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-141775"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JHF3-VV63-C68V

Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-10-14 18:30
VLAI
Details

Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-55325"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-14T17:15:45Z",
    "severity": "MODERATE"
  },
  "details": "Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.",
  "id": "GHSA-jhf3-vv63-c68v",
  "modified": "2025-10-14T18:30:30Z",
  "published": "2025-10-14T18:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55325"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55325"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JJ76-44FX-5G9W

Vulnerability from github – Published: 2025-01-06 12:30 – Updated: 2025-01-06 12:30
VLAI
Details

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45558"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-06T11:15:10Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.",
  "id": "GHSA-jj76-44fx-5g9w",
  "modified": "2025-01-06T12:30:33Z",
  "published": "2025-01-06T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45558"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.