Common Weakness Enumeration

CWE-125

Allowed

Out-of-bounds Read

Abstraction: Base · Status: Draft

The product reads data past the end, or before the beginning, of the intended buffer.

11281 vulnerabilities reference this CWE, most recent first.

GHSA-M67J-3PVH-3WP8

Vulnerability from github – Published: 2022-05-14 03:27 – Updated: 2022-05-14 03:27
VLAI
Details

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-4160"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-03T06:29:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app.",
  "id": "GHSA-m67j-3pvh-3wp8",
  "modified": "2022-05-14T03:27:12Z",
  "published": "2022-05-14T03:27:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4160"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208692"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103582"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1040608"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M67W-FF73-8944

Vulnerability from github – Published: 2023-05-16 00:30 – Updated: 2024-04-04 04:10
VLAI
Details

In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-20698"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-15T22:15:10Z",
    "severity": "MODERATE"
  },
  "details": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.",
  "id": "GHSA-m67w-ff73-8944",
  "modified": "2024-04-04T04:10:10Z",
  "published": "2023-05-16T00:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20698"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M685-84XG-FVFJ

Vulnerability from github – Published: 2025-09-16 15:32 – Updated: 2026-05-12 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

Observed on kernel 6.6 (present on master as well):

BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasan_check_range+0xe8/0x190 __asan_loadN+0x1c/0x28 memcmp+0x98/0xd0 efivarfs_d_compare+0x68/0xd8 __d_lookup_rcu_op_compare+0x178/0x218 __d_lookup_rcu+0x1f8/0x228 d_alloc_parallel+0x150/0x648 lookup_open.isra.0+0x5f0/0x8d0 open_last_lookups+0x264/0x828 path_openat+0x130/0x3f8 do_filp_open+0x114/0x248 do_sys_openat2+0x340/0x3c0 __arm64_sys_openat+0x120/0x1a0

If dentry->d_name.len < EFI_VARIABLE_GUID_LEN , 'guid' can become negative, leadings to oob. The issue can be triggered by parallel lookups using invalid filename:

T1 T2 lookup_open ->lookup simple_lookup d_add // invalid dentry is added to hash list

        lookup_open
         d_alloc_parallel
          __d_lookup_rcu
           __d_lookup_rcu_op_compare
            hlist_bl_for_each_entry_rcu
            // invalid dentry can be retrieved
             ->d_compare
              efivarfs_d_compare
              // oob

Fix it by checking 'guid' before cmp.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-39817"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-16T13:15:57Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Fix slab-out-of-bounds in efivarfs_d_compare\n\nObserved on kernel 6.6 (present on master as well):\n\n  BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0\n  Call trace:\n   kasan_check_range+0xe8/0x190\n   __asan_loadN+0x1c/0x28\n   memcmp+0x98/0xd0\n   efivarfs_d_compare+0x68/0xd8\n   __d_lookup_rcu_op_compare+0x178/0x218\n   __d_lookup_rcu+0x1f8/0x228\n   d_alloc_parallel+0x150/0x648\n   lookup_open.isra.0+0x5f0/0x8d0\n   open_last_lookups+0x264/0x828\n   path_openat+0x130/0x3f8\n   do_filp_open+0x114/0x248\n   do_sys_openat2+0x340/0x3c0\n   __arm64_sys_openat+0x120/0x1a0\n\nIf dentry-\u003ed_name.len \u003c EFI_VARIABLE_GUID_LEN , \u0027guid\u0027 can become\nnegative, leadings to oob. The issue can be triggered by parallel\nlookups using invalid filename:\n\n  T1\t\t\tT2\n  lookup_open\n   -\u003elookup\n    simple_lookup\n     d_add\n     // invalid dentry is added to hash list\n\n\t\t\tlookup_open\n\t\t\t d_alloc_parallel\n\t\t\t  __d_lookup_rcu\n\t\t\t   __d_lookup_rcu_op_compare\n\t\t\t    hlist_bl_for_each_entry_rcu\n\t\t\t    // invalid dentry can be retrieved\n\t\t\t     -\u003ed_compare\n\t\t\t      efivarfs_d_compare\n\t\t\t      // oob\n\nFix it by checking \u0027guid\u0027 before cmp.",
  "id": "GHSA-m685-84xg-fvfj",
  "modified": "2026-05-12T15:31:08Z",
  "published": "2025-09-16T15:32:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39817"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0f63fbabeaaaaaaf5b742a2f4c1b4590d50bf1f6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/568e7761279b99c6daa3002290fd6d8047ddb6d2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/71581a82f38e5a4d807d71fc1bb59aead80ccf95"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/794399019301944fd6d2e0d7a51b3327e26c410e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/925599eba46045930b850a98ae594d2e3028ac40"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a6358f8cf64850f3f27857b8ed8c1b08cfc4685c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c2925cd6207079c3f4d040d082515db78d63afbf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d7f5e35e70507d10cbaff5f9e194ed54c4ee14f7"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6F6-XRCP-8VJQ

Vulnerability from github – Published: 2022-05-17 02:37 – Updated: 2022-05-17 02:37
VLAI
Details

The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-8927"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-09-20T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password.",
  "id": "GHSA-m6f6-xrcp-8vjq",
  "modified": "2022-05-17T02:37:56Z",
  "published": "2022-05-17T02:37:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8927"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libarchive/libarchive/issues/523"
    },
    {
      "type": "WEB",
      "url": "https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201701-03"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/06/17/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/06/17/5"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91329"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6H5-RRVC-44JH

Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2022-05-24 17:46
VLAI
Details

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to heap corruption.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-29617"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-02T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to heap corruption.",
  "id": "GHSA-m6h5-rrvc-44jh",
  "modified": "2022-05-24T17:46:12Z",
  "published": "2022-05-24T17:46:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29617"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212003"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212005"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212009"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212011"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212145"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-M6W2-QGM5-6XWG

Vulnerability from github – Published: 2022-07-18 00:00 – Updated: 2022-07-26 00:01
VLAI
Details

An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading a DWG file with an invalid vertex number in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-28809"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-17T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading a DWG file with an invalid vertex number in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.",
  "id": "GHSA-m6w2-qgm5-6xwg",
  "modified": "2022-07-26T00:01:06Z",
  "published": "2022-07-18T00:00:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28809"
    },
    {
      "type": "WEB",
      "url": "https://www.opendesign.com/security-advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6W8-X5RF-59XW

Vulnerability from github – Published: 2023-03-28 21:30 – Updated: 2023-03-28 21:30
VLAI
Details

Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-25892"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-28T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-m6w8-x5rf-59xw",
  "modified": "2023-03-28T21:30:19Z",
  "published": "2023-03-28T21:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25892"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/dimension/apsb23-20.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6XM-PHGV-VPFC

Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-05-24 19:12
VLAI
Details

Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-36071"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-01T15:15:00Z",
    "severity": "LOW"
  },
  "details": "Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-m6xm-phgv-vpfc",
  "modified": "2022-05-24T19:12:43Z",
  "published": "2022-05-24T19:12:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36071"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/bridge/apsb21-69.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-M726-WX7P-68R7

Vulnerability from github – Published: 2022-05-13 01:08 – Updated: 2022-05-13 01:08
VLAI
Details

An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function in ext/mbstring/php_mbregex.c can cause PHP to execute memcpy() with a negative argument, which could read and write past buffers allocated for the data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-9025"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-02-22T23:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function in ext/mbstring/php_mbregex.c can cause PHP to execute memcpy() with a negative argument, which could read and write past buffers allocated for the data.",
  "id": "GHSA-m726-wx7p-68r7",
  "modified": "2022-05-13T01:08:19Z",
  "published": "2022-05-13T01:08:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9025"
    },
    {
      "type": "WEB",
      "url": "https://bugs.php.net/bug.php?id=77367"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20190321-0001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M764-W2R9-692R

Vulnerability from github – Published: 2022-05-13 01:25 – Updated: 2022-05-13 01:25
VLAI
Details

An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-14610"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-27T04:29:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c.",
  "id": "GHSA-m764-w2r9-692r",
  "modified": "2022-05-13T01:25:50Z",
  "published": "2022-05-13T01:25:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14610"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.kernel.org/show_bug.cgi?id=199837"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://patchwork.kernel.org/patch/10503415"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3932-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3932-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4094-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4118-1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104917"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
  • To reduce the likelihood of introducing an out-of-bounds read, ensure that you validate and ensure correct calculations for any length argument, buffer size calculation, or offset. Be especially careful of relying on a sentinel (i.e. special character such as NUL) in untrusted inputs.
Mitigation
Architecture and Design

Strategy: Language Selection

Use a language that provides appropriate memory abstractions.

CAPEC-540: Overread Buffers

An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.