CWE-126
AllowedBuffer Over-read
Abstraction: Variant · Status: Draft
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
855 vulnerabilities reference this CWE, most recent first.
GHSA-244W-39H6-2F5R
Vulnerability from github – Published: 2023-10-10 18:31 – Updated: 2024-04-04 08:31Microsoft Message Queuing Denial of Service Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-36581"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-10T18:15:14Z",
"severity": "HIGH"
},
"details": "Microsoft Message Queuing Denial of Service Vulnerability",
"id": "GHSA-244w-39h6-2f5r",
"modified": "2024-04-04T08:31:06Z",
"published": "2023-10-10T18:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36581"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36581"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2756-G6W2-6HV2
Vulnerability from github – Published: 2026-06-08 18:31 – Updated: 2026-07-16 12:32Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server
This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.
Users are recommended to upgrade to version 2.4.68, which fixes the issue.
{
"affected": [],
"aliases": [
"CVE-2026-44185"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-08T16:16:40Z",
"severity": "HIGH"
},
"details": "Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue.",
"id": "GHSA-2756-g6w2-6hv2",
"modified": "2026-07-16T12:32:24Z",
"published": "2026-06-08T18:31:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44185"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25042"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:34109"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-44185"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486397"
},
{
"type": "WEB",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44185.json"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/06/08/12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-2FJF-H46Q-8MFR
Vulnerability from github – Published: 2023-09-05 09:30 – Updated: 2024-04-04 07:28Transient DOS in WLAN firmware while parsing MLO (multi-link operation).
{
"affected": [],
"aliases": [
"CVE-2023-33016"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-05T07:15:14Z",
"severity": "HIGH"
},
"details": "Transient DOS in WLAN firmware while parsing MLO (multi-link operation).",
"id": "GHSA-2fjf-h46q-8mfr",
"modified": "2024-04-04T07:28:36Z",
"published": "2023-09-05T09:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33016"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2GF7-5H4R-X3P6
Vulnerability from github – Published: 2024-04-01 15:30 – Updated: 2024-04-01 15:30Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
{
"affected": [],
"aliases": [
"CVE-2023-33115"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-01T15:15:47Z",
"severity": "HIGH"
},
"details": "Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.",
"id": "GHSA-2gf7-5h4r-x3p6",
"modified": "2024-04-01T15:30:29Z",
"published": "2024-04-01T15:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33115"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2MHG-3M7F-9876
Vulnerability from github – Published: 2022-06-20 00:00 – Updated: 2022-06-28 00:00Buffer Over-read in GitHub repository vim/vim prior to 8.2.
{
"affected": [],
"aliases": [
"CVE-2022-2124"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-19T10:15:00Z",
"severity": "HIGH"
},
"details": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.",
"id": "GHSA-2mhg-3m7f-9876",
"modified": "2022-06-28T00:00:44Z",
"published": "2022-06-20T00:00:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2124"
},
{
"type": "WEB",
"url": "https://github.com/vim/vim/commit/2f074f4685897ab7212e25931eeeb0212292829f"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/8e9e056d-f733-4540-98b6-414bf36e0b42"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202305-16"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213443"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213444"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213488"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Oct/45"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2MQ3-P658-PX4G
Vulnerability from github – Published: 2023-01-04 12:30 – Updated: 2023-01-10 18:30In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
{
"affected": [],
"aliases": [
"CVE-2022-44446"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-04T10:15:00Z",
"severity": "MODERATE"
},
"details": "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.",
"id": "GHSA-2mq3-p658-px4g",
"modified": "2023-01-10T18:30:26Z",
"published": "2023-01-04T12:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44446"
},
{
"type": "WEB",
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2PCV-432J-J9CQ
Vulnerability from github – Published: 2024-10-18 00:31 – Updated: 2024-10-18 00:31Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-43595"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-17T23:15:16Z",
"severity": "MODERATE"
},
"details": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability",
"id": "GHSA-2pcv-432j-j9cq",
"modified": "2024-10-18T00:31:17Z",
"published": "2024-10-18T00:31:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43595"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43595"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2PGQ-W6MW-XJV4
Vulnerability from github – Published: 2023-04-13 09:30 – Updated: 2024-04-04 03:26Information disclosure due to buffer overread in Linux sensors
{
"affected": [],
"aliases": [
"CVE-2022-33297"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-13T07:15:00Z",
"severity": "MODERATE"
},
"details": "Information disclosure due to buffer overread in Linux sensors",
"id": "GHSA-2pgq-w6mw-xjv4",
"modified": "2024-04-04T03:26:12Z",
"published": "2023-04-13T09:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33297"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2Q66-6W43-8RM9
Vulnerability from github – Published: 2025-02-16 06:31 – Updated: 2025-02-16 06:31libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.
{
"affected": [],
"aliases": [
"CVE-2024-57970"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-16T04:15:21Z",
"severity": "MODERATE"
},
"details": "libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.",
"id": "GHSA-2q66-6w43-8rm9",
"modified": "2025-02-16T06:31:45Z",
"published": "2025-02-16T06:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57970"
},
{
"type": "WEB",
"url": "https://github.com/libarchive/libarchive/issues/2415"
},
{
"type": "WEB",
"url": "https://github.com/libarchive/libarchive/pull/2422"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-2QFG-JCCX-W5CF
Vulnerability from github – Published: 2025-05-28 09:31 – Updated: 2025-05-28 09:31A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the FGFM daemon via a specially crafted request, under rare conditions that are outside of the attacker's control.
{
"affected": [],
"aliases": [
"CVE-2025-47295"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-28T08:15:22Z",
"severity": "LOW"
},
"details": "A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the FGFM daemon via a specially crafted request, under rare conditions that are outside of the attacker\u0027s control.",
"id": "GHSA-2qfg-jccx-w5cf",
"modified": "2025-05-28T09:31:27Z",
"published": "2025-05-28T09:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47295"
},
{
"type": "WEB",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-381"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.