Common Weakness Enumeration

CWE-126

Allowed

Buffer Over-read

Abstraction: Variant · Status: Draft

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

854 vulnerabilities reference this CWE, most recent first.

GHSA-9VC7-J86J-JM7H

Vulnerability from github – Published: 2024-08-13 18:31 – Updated: 2024-08-13 18:31
VLAI
Details

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38135"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-13T18:15:16Z",
    "severity": "HIGH"
  },
  "details": "Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability",
  "id": "GHSA-9vc7-j86j-jm7h",
  "modified": "2024-08-13T18:31:16Z",
  "published": "2024-08-13T18:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38135"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38135"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9XQV-VX9R-6F38

Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-10-08 00:00
VLAI
Details

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13197)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-34302"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126",
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-13T11:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in JT2Go (All versions \u003c V13.2), Teamcenter Visualization (All versions \u003c V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13197)",
  "id": "GHSA-9xqv-vx9r-6f38",
  "modified": "2022-10-08T00:00:17Z",
  "published": "2022-05-24T19:07:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34302"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-847"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C25G-PGW4-RQFG

Vulnerability from github – Published: 2024-06-03 12:30 – Updated: 2024-06-03 12:30
VLAI
Details

Information disclosure while handling T2LM Action Frame in WLAN Host.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-43537"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-03T10:15:09Z",
    "severity": "MODERATE"
  },
  "details": "Information disclosure while handling T2LM Action Frame in WLAN Host.",
  "id": "GHSA-c25g-pgw4-rqfg",
  "modified": "2024-06-03T12:30:38Z",
  "published": "2024-06-03T12:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43537"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C28F-6HFG-FFCC

Vulnerability from github – Published: 2025-02-03 18:30 – Updated: 2025-02-03 18:30
VLAI
Details

Information disclosure during audio playback.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38416"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-03T17:15:17Z",
    "severity": "MODERATE"
  },
  "details": "Information disclosure during audio playback.",
  "id": "GHSA-c28f-6hfg-ffcc",
  "modified": "2025-02-03T18:30:41Z",
  "published": "2025-02-03T18:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38416"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C44G-2JV9-3436

Vulnerability from github – Published: 2024-01-02 06:30 – Updated: 2024-01-02 06:30
VLAI
Details

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-33112"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-02T06:15:11Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS when WLAN firmware receives \"reassoc response\" frame including RIC_DATA element.",
  "id": "GHSA-c44g-2jv9-3436",
  "modified": "2024-01-02T06:30:31Z",
  "published": "2024-01-02T06:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33112"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C53G-CP64-5XH5

Vulnerability from github – Published: 2025-10-09 06:30 – Updated: 2025-10-09 06:30
VLAI
Details

Transient DOS while processing video packets received from video firmware.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-27041"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-09T04:16:36Z",
    "severity": "MODERATE"
  },
  "details": "Transient DOS while processing video packets received from video firmware.",
  "id": "GHSA-c53g-cp64-5xh5",
  "modified": "2025-10-09T06:30:24Z",
  "published": "2025-10-09T06:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27041"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C6GG-Q5F6-74FH

Vulnerability from github – Published: 2023-04-12 21:30 – Updated: 2024-04-04 03:25
VLAI
Details

On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-24513"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-12T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.",
  "id": "GHSA-c6gg-q5f6-74fh",
  "modified": "2024-04-04T03:25:40Z",
  "published": "2023-04-12T21:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24513"
    },
    {
      "type": "WEB",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17240-security-advisory-0085"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C8WW-P8QH-GJR8

Vulnerability from github – Published: 2025-04-07 12:33 – Updated: 2025-04-07 12:33
VLAI
Details

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21430"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-07T11:15:51Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.",
  "id": "GHSA-c8ww-p8qh-gjr8",
  "modified": "2025-04-07T12:33:19Z",
  "published": "2025-04-07T12:33:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21430"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C98F-FQ4V-V6R3

Vulnerability from github – Published: 2025-05-06 09:31 – Updated: 2025-05-06 09:31
VLAI
Details

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-49847"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-06T09:15:22Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.",
  "id": "GHSA-c98f-fq4v-v6r3",
  "modified": "2025-05-06T09:31:33Z",
  "published": "2025-05-06T09:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49847"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CF88-F3CC-2R22

Vulnerability from github – Published: 2025-01-06 12:30 – Updated: 2025-01-06 12:30
VLAI
Details

Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45559"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-126"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-06T11:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend.",
  "id": "GHSA-cf88-f3cc-2r22",
  "modified": "2025-01-06T12:30:33Z",
  "published": "2025-01-06T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45559"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.