CWE-126
AllowedBuffer Over-read
Abstraction: Variant · Status: Draft
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
853 vulnerabilities reference this CWE, most recent first.
GHSA-W98Q-7WF3-VG43
Vulnerability from github – Published: 2022-05-02 03:35 – Updated: 2026-05-27 18:31The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
{
"affected": [],
"aliases": [
"CVE-2009-2495"
],
"database_specific": {
"cwe_ids": [
"CWE-126",
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-07-29T17:30:00Z",
"severity": "HIGH"
},
"details": "The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka \"ATL Null String Vulnerability.\"",
"id": "GHSA-w98q-7wf3-vg43",
"modified": "2026-05-27T18:31:31Z",
"published": "2022-05-02T03:35:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2495"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-035"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-060"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6305"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6478"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7573"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=126592505426855\u0026w=2"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/35967"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36374"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36746"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-10.html"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-13.html"
},
{
"type": "WEB",
"url": "http://www.novell.com/support/viewContent.do?externalId=7004997\u0026sliceId=1"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/2034"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-W9F5-6MHQ-CP5W
Vulnerability from github – Published: 2025-06-03 06:31 – Updated: 2025-06-03 06:31Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
{
"affected": [],
"aliases": [
"CVE-2024-53020"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-03T06:15:25Z",
"severity": "HIGH"
},
"details": "Information disclosure may occur while decoding the RTP packet with invalid header extension from network.",
"id": "GHSA-w9f5-6mhq-cp5w",
"modified": "2025-06-03T06:31:14Z",
"published": "2025-06-03T06:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53020"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-WC8P-W4MH-CRRR
Vulnerability from github – Published: 2024-07-01 15:32 – Updated: 2024-07-01 15:32INformation disclosure while handling Multi-link IE in beacon frame.
{
"affected": [],
"aliases": [
"CVE-2024-21457"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-01T15:15:13Z",
"severity": "MODERATE"
},
"details": "INformation disclosure while handling Multi-link IE in beacon frame.",
"id": "GHSA-wc8p-w4mh-crrr",
"modified": "2024-07-01T15:32:38Z",
"published": "2024-07-01T15:32:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21457"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-WFJ3-HJP7-62GF
Vulnerability from github – Published: 2024-02-06 06:30 – Updated: 2024-02-06 06:30Transient DOS in Core when DDR memory check is called while DDR is not initialized.
{
"affected": [],
"aliases": [
"CVE-2023-33060"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-06T06:15:59Z",
"severity": "HIGH"
},
"details": "Transient DOS in Core when DDR memory check is called while DDR is not initialized.",
"id": "GHSA-wfj3-hjp7-62gf",
"modified": "2024-02-06T06:30:31Z",
"published": "2024-02-06T06:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33060"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WJCG-9HH3-8323
Vulnerability from github – Published: 2026-06-09 15:32 – Updated: 2026-06-09 15:32A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior.
{
"affected": [],
"aliases": [
"CVE-2026-11787"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-09T14:16:36Z",
"severity": "MODERATE"
},
"details": "A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior.",
"id": "GHSA-wjcg-9hh3-8323",
"modified": "2026-06-09T15:32:18Z",
"published": "2026-06-09T15:32:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11787"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-11787"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2485425"
},
{
"type": "WEB",
"url": "https://redhat.atlassian.net/browse/PSIRTSUPT-7600"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-WRRW-R6X5-8634
Vulnerability from github – Published: 2025-03-03 12:30 – Updated: 2025-03-03 12:30Transient DOS during hypervisor virtual I/O operation in a virtual machine.
{
"affected": [],
"aliases": [
"CVE-2024-43056"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-03T11:15:11Z",
"severity": "MODERATE"
},
"details": "Transient DOS during hypervisor virtual I/O operation in a virtual machine.",
"id": "GHSA-wrrw-r6x5-8634",
"modified": "2025-03-03T12:30:32Z",
"published": "2025-03-03T12:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43056"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WV67-9JQ7-8R69
Vulnerability from github – Published: 2019-05-14 04:02 – Updated: 2021-08-03 21:47A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions < 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "mqtt-packet"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.5.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "mqtt-packet"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.1.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "mqtt-packet"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "mqtt-packet"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.1.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-5432"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": true,
"github_reviewed_at": "2019-05-10T04:24:12Z",
"nvd_published_at": "2019-05-06T17:29:00Z",
"severity": "HIGH"
},
"details": "A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions \u003c 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding.",
"id": "GHSA-wv67-9jq7-8r69",
"modified": "2021-08-03T21:47:43Z",
"published": "2019-05-14T04:02:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5432"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/541354"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Input Validation and Buffer Over-read in mqtt-packet"
}
GHSA-WVFJ-6R8W-H76P
Vulnerability from github – Published: 2025-07-08 15:32 – Updated: 2025-07-08 15:32Transient DOS while handling beacon frames with invalid IE header length.
{
"affected": [],
"aliases": [
"CVE-2025-27057"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-08T13:15:32Z",
"severity": "HIGH"
},
"details": "Transient DOS while handling beacon frames with invalid IE header length.",
"id": "GHSA-wvfj-6r8w-h76p",
"modified": "2025-07-08T15:32:03Z",
"published": "2025-07-08T15:32:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27057"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WWQW-CC33-FQHQ
Vulnerability from github – Published: 2025-09-09 18:31 – Updated: 2025-09-09 18:31Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
{
"affected": [],
"aliases": [
"CVE-2025-53797"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-09T17:15:49Z",
"severity": "MODERATE"
},
"details": "Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.",
"id": "GHSA-wwqw-cc33-fqhq",
"modified": "2025-09-09T18:31:19Z",
"published": "2025-09-09T18:31:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53797"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53797"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WXVM-JFW2-4MR5
Vulnerability from github – Published: 2026-04-06 18:33 – Updated: 2026-04-06 18:33Memory corruption while preprocessing IOCTL request in JPEG driver.
{
"affected": [],
"aliases": [
"CVE-2025-47390"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-06T16:16:27Z",
"severity": "HIGH"
},
"details": "Memory corruption while preprocessing IOCTL request in JPEG driver.",
"id": "GHSA-wxvm-jfw2-4mr5",
"modified": "2026-04-06T18:33:05Z",
"published": "2026-04-06T18:33:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47390"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.