CWE-126
AllowedBuffer Over-read
Abstraction: Variant · Status: Draft
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
853 vulnerabilities reference this CWE, most recent first.
GHSA-JJ76-44FX-5G9W
Vulnerability from github – Published: 2025-01-06 12:30 – Updated: 2025-01-06 12:30Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
{
"affected": [],
"aliases": [
"CVE-2024-45558"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-06T11:15:10Z",
"severity": "HIGH"
},
"details": "Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.",
"id": "GHSA-jj76-44fx-5g9w",
"modified": "2025-01-06T12:30:33Z",
"published": "2025-01-06T12:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45558"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JM5W-96W4-8PCQ
Vulnerability from github – Published: 2024-11-27 12:31 – Updated: 2025-11-04 00:32The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c
{
"affected": [],
"aliases": [
"CVE-2024-42333"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-27T12:15:21Z",
"severity": "LOW"
},
"details": "The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c",
"id": "GHSA-jm5w-96w4-8pcq",
"modified": "2025-11-04T00:32:08Z",
"published": "2024-11-27T12:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42333"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00005.html"
},
{
"type": "WEB",
"url": "https://support.zabbix.com/browse/ZBX-25629"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JPQR-VH55-XQXF
Vulnerability from github – Published: 2022-05-01 07:45 – Updated: 2025-04-09 15:16The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5.5.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2006-7197"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": true,
"github_reviewed_at": "2024-02-12T16:45:52Z",
"nvd_published_at": "2007-04-25T20:19:00Z",
"severity": "HIGH"
},
"details": "The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the `ajp_process_callback` in mod_jk, which allows remote attackers to read portions of sensitive memory.",
"id": "GHSA-jpqr-vh55-xqxf",
"modified": "2025-04-09T15:16:43Z",
"published": "2022-05-01T07:45:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-7197"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20080511190321/http://www.securityfocus.com/bid/28477"
},
{
"type": "WEB",
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=381505"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/tomcat"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2008:0261"
},
{
"type": "WEB",
"url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=38859"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/28477"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Apache Tomcat Buffer Over-Read"
}
GHSA-M35F-PF48-R38Q
Vulnerability from github – Published: 2026-05-04 15:31 – Updated: 2026-05-04 18:30Buffer Over-read vulnerability in Apache HTTP Server.
This issue affects Apache HTTP Server: through 2.4.66.
Users are recommended to upgrade to version 2.4.67, which fixes the issue.
{
"affected": [],
"aliases": [
"CVE-2026-34059"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-04T13:16:00Z",
"severity": "HIGH"
},
"details": "Buffer Over-read vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: through 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.67, which fixes the issue.",
"id": "GHSA-m35f-pf48-r38q",
"modified": "2026-05-04T18:30:28Z",
"published": "2026-05-04T15:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34059"
},
{
"type": "WEB",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/17"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M57G-7H85-RCHP
Vulnerability from github – Published: 2024-12-02 12:38 – Updated: 2024-12-02 12:38Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
{
"affected": [],
"aliases": [
"CVE-2024-33037"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-02T11:15:07Z",
"severity": "MODERATE"
},
"details": "Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.",
"id": "GHSA-m57g-7h85-rchp",
"modified": "2024-12-02T12:38:27Z",
"published": "2024-12-02T12:38:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33037"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-M57V-FHQQ-H74X
Vulnerability from github – Published: 2023-10-03 06:30 – Updated: 2024-04-04 08:02Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
{
"affected": [],
"aliases": [
"CVE-2023-24849"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-03T06:15:23Z",
"severity": "HIGH"
},
"details": "Information Disclosure in data Modem while parsing an FMTP line in an SDP message.",
"id": "GHSA-m57v-fhqq-h74x",
"modified": "2024-04-04T08:02:44Z",
"published": "2023-10-03T06:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24849"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-M5GQ-92JX-FXCV
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
{
"affected": [],
"aliases": [
"CVE-2026-50485"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T18:17:54Z",
"severity": "MODERATE"
},
"details": "Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.",
"id": "GHSA-m5gq-92jx-fxcv",
"modified": "2026-07-14T18:32:27Z",
"published": "2026-07-14T18:32:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50485"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50485"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M5XF-4VHF-X33M
Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2025-62461"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-09T18:15:57Z",
"severity": "HIGH"
},
"details": "Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-m5xf-4vhf-x33m",
"modified": "2025-12-09T18:30:46Z",
"published": "2025-12-09T18:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62461"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62461"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M6MR-P6RR-QVH3
Vulnerability from github – Published: 2026-04-06 18:33 – Updated: 2026-04-06 18:33Cryptographic issue while copying data to a destination buffer without validating its size.
{
"affected": [],
"aliases": [
"CVE-2025-47400"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-06T16:16:28Z",
"severity": "HIGH"
},
"details": "Cryptographic issue while copying data to a destination buffer without validating its size.",
"id": "GHSA-m6mr-p6rr-qvh3",
"modified": "2026-04-06T18:33:05Z",
"published": "2026-04-06T18:33:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47400"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M76J-8HW5-PQGJ
Vulnerability from github – Published: 2025-10-24 18:31 – Updated: 2025-10-24 21:31PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function
{
"affected": [],
"aliases": [
"CVE-2025-60729"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-24T18:15:40Z",
"severity": "MODERATE"
},
"details": "PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function",
"id": "GHSA-m76j-8hw5-pqgj",
"modified": "2025-10-24T21:31:11Z",
"published": "2025-10-24T18:31:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60729"
},
{
"type": "WEB",
"url": "https://github.com/dengxmenglihua/cve/blob/main/PerfreeBlog/File%20Read/Arbitrary%20File%20Read%20Vulnerability%20in%20PerfreeBlog%20System.md"
},
{
"type": "WEB",
"url": "https://perfree.org.cn"
},
{
"type": "WEB",
"url": "http://perfreeblog.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.