Common Weakness Enumeration

CWE-126

Allowed

Buffer Over-read

Abstraction: Variant · Status: Draft

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

853 vulnerabilities reference this CWE, most recent first.

GHSA-JJ76-44FX-5G9W

Vulnerability from github – Published: 2025-01-06 12:30 – Updated: 2025-01-06 12:30
VLAI
Details

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45558"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-06T11:15:10Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.",
  "id": "GHSA-jj76-44fx-5g9w",
  "modified": "2025-01-06T12:30:33Z",
  "published": "2025-01-06T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45558"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JM5W-96W4-8PCQ

Vulnerability from github – Published: 2024-11-27 12:31 – Updated: 2025-11-04 00:32
VLAI
Details

The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-42333"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-27T12:15:21Z",
    "severity": "LOW"
  },
  "details": "The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c",
  "id": "GHSA-jm5w-96w4-8pcq",
  "modified": "2025-11-04T00:32:08Z",
  "published": "2024-11-27T12:31:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42333"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "https://support.zabbix.com/browse/ZBX-25629"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JPQR-VH55-XQXF

Vulnerability from github – Published: 2022-05-01 07:45 – Updated: 2025-04-09 15:16
VLAI
Summary
Apache Tomcat Buffer Over-Read
Details

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "5.5.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2006-7197"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-12T16:45:52Z",
    "nvd_published_at": "2007-04-25T20:19:00Z",
    "severity": "HIGH"
  },
  "details": "The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the `ajp_process_callback` in mod_jk, which allows remote attackers to read portions of sensitive memory.",
  "id": "GHSA-jpqr-vh55-xqxf",
  "modified": "2025-04-09T15:16:43Z",
  "published": "2022-05-01T07:45:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-7197"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20080511190321/http://www.securityfocus.com/bid/28477"
    },
    {
      "type": "WEB",
      "url": "https://svn.apache.org/viewvc?view=revision\u0026revision=381505"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tomcat"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2008:0261"
    },
    {
      "type": "WEB",
      "url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=38859"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/28477"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Apache Tomcat Buffer Over-Read"
}

GHSA-M35F-PF48-R38Q

Vulnerability from github – Published: 2026-05-04 15:31 – Updated: 2026-05-04 18:30
VLAI
Details

Buffer Over-read vulnerability in Apache HTTP Server.

This issue affects Apache HTTP Server: through 2.4.66.

Users are recommended to upgrade to version 2.4.67, which fixes the issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-34059"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-04T13:16:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer Over-read vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: through 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.67, which fixes the issue.",
  "id": "GHSA-m35f-pf48-r38q",
  "modified": "2026-05-04T18:30:28Z",
  "published": "2026-05-04T15:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34059"
    },
    {
      "type": "WEB",
      "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/04/17"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M57G-7H85-RCHP

Vulnerability from github – Published: 2024-12-02 12:38 – Updated: 2024-12-02 12:38
VLAI
Details

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-33037"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-02T11:15:07Z",
    "severity": "MODERATE"
  },
  "details": "Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.",
  "id": "GHSA-m57g-7h85-rchp",
  "modified": "2024-12-02T12:38:27Z",
  "published": "2024-12-02T12:38:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33037"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M57V-FHQQ-H74X

Vulnerability from github – Published: 2023-10-03 06:30 – Updated: 2024-04-04 08:02
VLAI
Details

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-24849"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-03T06:15:23Z",
    "severity": "HIGH"
  },
  "details": "Information Disclosure in data Modem while parsing an FMTP line in an SDP message.",
  "id": "GHSA-m57v-fhqq-h74x",
  "modified": "2024-04-04T08:02:44Z",
  "published": "2023-10-03T06:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24849"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M5GQ-92JX-FXCV

Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32
VLAI
Details

Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-50485"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-14T18:17:54Z",
    "severity": "MODERATE"
  },
  "details": "Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.",
  "id": "GHSA-m5gq-92jx-fxcv",
  "modified": "2026-07-14T18:32:27Z",
  "published": "2026-07-14T18:32:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50485"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50485"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M5XF-4VHF-X33M

Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30
VLAI
Details

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-62461"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-09T18:15:57Z",
    "severity": "HIGH"
  },
  "details": "Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.",
  "id": "GHSA-m5xf-4vhf-x33m",
  "modified": "2025-12-09T18:30:46Z",
  "published": "2025-12-09T18:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62461"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62461"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6MR-P6RR-QVH3

Vulnerability from github – Published: 2026-04-06 18:33 – Updated: 2026-04-06 18:33
VLAI
Details

Cryptographic issue while copying data to a destination buffer without validating its size.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-47400"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-06T16:16:28Z",
    "severity": "HIGH"
  },
  "details": "Cryptographic issue while copying data to a destination buffer without validating its size.",
  "id": "GHSA-m6mr-p6rr-qvh3",
  "modified": "2026-04-06T18:33:05Z",
  "published": "2026-04-06T18:33:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47400"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M76J-8HW5-PQGJ

Vulnerability from github – Published: 2025-10-24 18:31 – Updated: 2025-10-24 21:31
VLAI
Details

PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-60729"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-24T18:15:40Z",
    "severity": "MODERATE"
  },
  "details": "PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function",
  "id": "GHSA-m76j-8hw5-pqgj",
  "modified": "2025-10-24T21:31:11Z",
  "published": "2025-10-24T18:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60729"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dengxmenglihua/cve/blob/main/PerfreeBlog/File%20Read/Arbitrary%20File%20Read%20Vulnerability%20in%20PerfreeBlog%20System.md"
    },
    {
      "type": "WEB",
      "url": "https://perfree.org.cn"
    },
    {
      "type": "WEB",
      "url": "http://perfreeblog.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.