Common Weakness Enumeration

CWE-126

Allowed

Buffer Over-read

Abstraction: Variant · Status: Draft

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

853 vulnerabilities reference this CWE, most recent first.

GHSA-VWHP-2664-H54X

Vulnerability from github – Published: 2022-12-06 09:30 – Updated: 2022-12-07 18:30
VLAI
Details

In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-42768"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-06T07:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.",
  "id": "GHSA-vwhp-2664-h54x",
  "modified": "2022-12-07T18:30:27Z",
  "published": "2022-12-06T09:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42768"
    },
    {
      "type": "WEB",
      "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W36J-HQCC-JVPP

Vulnerability from github – Published: 2024-11-04 12:32 – Updated: 2024-11-04 12:32
VLAI
Details

Transient DOS while processing the CU information from RNR IE.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38405"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-04T10:15:06Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS while processing the CU information from RNR IE.",
  "id": "GHSA-w36j-hqcc-jvpp",
  "modified": "2024-11-04T12:32:56Z",
  "published": "2024-11-04T12:32:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38405"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W3RX-344F-QXWH

Vulnerability from github – Published: 2025-05-06 09:31 – Updated: 2025-05-06 09:31
VLAI
Details

Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21475"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-06T09:15:24Z",
    "severity": "HIGH"
  },
  "details": "Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.",
  "id": "GHSA-w3rx-344f-qxwh",
  "modified": "2025-05-06T09:31:34Z",
  "published": "2025-05-06T09:31:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21475"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W4Q4-RW8X-3296

Vulnerability from github – Published: 2025-06-03 06:31 – Updated: 2025-06-03 06:31
VLAI
Details

Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-53026"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-03T06:15:25Z",
    "severity": "HIGH"
  },
  "details": "Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.",
  "id": "GHSA-w4q4-rw8x-3296",
  "modified": "2025-06-03T06:31:14Z",
  "published": "2025-06-03T06:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53026"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W576-X7C8-W498

Vulnerability from github – Published: 2024-03-12 18:31 – Updated: 2024-03-12 18:31
VLAI
Details

Windows Kernel Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-26176"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-12T17:15:56Z",
    "severity": "HIGH"
  },
  "details": "Windows Kernel Elevation of Privilege Vulnerability",
  "id": "GHSA-w576-x7c8-w498",
  "modified": "2024-03-12T18:31:14Z",
  "published": "2024-03-12T18:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26176"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26176"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W5F5-53HC-VVMX

Vulnerability from github – Published: 2022-05-30 00:00 – Updated: 2022-06-09 00:00
VLAI
Details

Buffer Over-read in GitHub repository vim/vim prior to 8.2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-1927"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-29T14:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.",
  "id": "GHSA-w5f5-53hc-vvmx",
  "modified": "2022-06-09T00:00:22Z",
  "published": "2022-05-30T00:00:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1927"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202208-32"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202305-16"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213488"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Oct/28"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Oct/41"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W66Q-CHX8-5439

Vulnerability from github – Published: 2024-12-02 12:38 – Updated: 2024-12-02 12:38
VLAI
Details

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-33056"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-02T11:15:08Z",
    "severity": "HIGH"
  },
  "details": "Memory corruption when allocating and accessing an entry in an SMEM partition continuously.",
  "id": "GHSA-w66q-chx8-5439",
  "modified": "2024-12-02T12:38:27Z",
  "published": "2024-12-02T12:38:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33056"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W6XJ-4JX7-P88W

Vulnerability from github – Published: 2025-03-07 18:31 – Updated: 2025-03-07 18:31
VLAI
Details

A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-12975"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-07T17:15:18Z",
    "severity": "LOW"
  },
  "details": "A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.",
  "id": "GHSA-w6xj-4jx7-p88w",
  "modified": "2025-03-07T18:31:05Z",
  "published": "2025-03-07T18:31:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12975"
    },
    {
      "type": "WEB",
      "url": "https://community.silabs.com/069Vm00000LWXMeIAP"
    },
    {
      "type": "WEB",
      "url": "https://github.com/SiliconLabs/simplicity_sdk/releases"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-W77J-CQM5-VGH4

Vulnerability from github – Published: 2026-05-04 18:30 – Updated: 2026-05-04 18:30
VLAI
Details

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-47403"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-04T17:16:20Z",
    "severity": "MODERATE"
  },
  "details": "Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.",
  "id": "GHSA-w77j-cqm5-vgh4",
  "modified": "2026-05-04T18:30:29Z",
  "published": "2026-05-04T18:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47403"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W8VW-44WP-QV75

Vulnerability from github – Published: 2023-06-06 09:30 – Updated: 2024-04-04 04:34
VLAI
Details

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-21658"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-06T08:15:12Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.",
  "id": "GHSA-w8vw-44wp-qv75",
  "modified": "2024-04-04T04:34:43Z",
  "published": "2023-06-06T09:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21658"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.