CVEbaza.plSłownik CWECWE-126
Common Weakness Enumeration

CWE-126

Buffer Over-read

Kategoria: VariantCVE: 455
Opis

Produkt odczytuje dane z buforu, używając mechanizmów dostępu do buforu, takich jak indeksy lub wskaźniki, które odwołują się do lokalizacji pamięci znajdujących się poza obszarem buforu docelowego. Może to prowadzić do ujawnienia poufnych danych lub innych niepożądanych zachowań.

Description (EN)

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

Podatności CVE z CWE-126 (455)
9.8
CVSS
CRITICAL
CVE-2017-17772

Podatność w oprogramowaniu układowym chipsetów Qualcomm SD 450, SD 625 i SD 820 umożliwia odczyt poza granicami bufora (out-of-bounds read) podczas przetwarzania ramek sieci Wi-Fi (802.11). Wysoki wynik CVSS 9.8 wskazuje na poważne zagrożenie — atakujący może działać zdalnie bez uwierzytelnienia.

pub. 2024-11-26
9.8
CVSS
CRITICAL
CVE-2023-36397

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

pub. 2023-11-14
9.8
CVSS
CRITICAL
CVE-2019-3563

Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances a buffer, leading to a potential underflow. This affects versions of Wangle prior to v2019.04.22.00

pub. 2019-04-29
9.8
CVSS
CRITICAL
CVE-2018-14790

Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device.

pub. 2018-10-01
9.8
CVSS
CRITICAL
CVE-2017-7679

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

pub. 2017-06-20
9.6
CVSS
CRITICAL
CVE-2024-38373

FreeRTOS-Plus-TCP w wersjach 4.0.0–4.1.0 zawiera podatność typu buffer over-read w module parsowania odpowiedzi DNS, umożliwiającą odczyt danych spoza bufora. Błąd jest szczególnie groźny w urządzeniach wbudowanych i systemach IoT opartych na FreeRTOS, gdzie stack TCP/IP jest zasobem krytycznym.

pub. 2024-06-24
9.1
CVSS
CRITICAL
CVE-2025-12106

Podatność w OpenVPN w wersjach 2.7_alpha1 do 2.7_rc1 pozwala nieuwierzytelnionemu atakującemu zdalnie wywołać heap buffer over-read podczas parsowania adresów IP. Błąd może skutkować ujawnieniem wrażliwych danych z pamięci procesu lub odmową usługi (DoS).

pub. 2025-12-01
9.1
CVSS
CRITICAL
CVE-2023-51773

BACnet Stack przed wersją 1.3.2 zawiera podatność typu buffer over-read w funkcji `bacapp_decode_application_data` w pliku bacapp.c. Błąd ten może prowadzić do nieautoryzowanego odczytu danych z pamięci oraz wywołania odmowy usługi (DoS) bez jakiegokolwiek uwierzytelnienia.

pub. 2024-02-29
9.1
CVSS
CRITICAL
CVE-2021-34584

Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.

pub. 2021-10-26
9.1
CVSS
CRITICAL
CVE-2019-11036

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.

pub. 2019-05-03
8.8
CVSS
HIGH
CVE-2025-36855

A vulnerability ( CVE-2025-21176 https://www.cve.org/CVERecord ) exists in DiaSymReader.dll due to buffer over-read. Per CWE-126: Buffer Over-read https://cwe.mitre.org/data/definitions/126.html , Buffer Over-read is when a product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. This issue affects EOL ASP.NET 6.0.0 <= 6.0.36 as represented in this CVE, as well as 8.0.0 <= 8.0.11 & <= 9.0.0 as represented in CVE-2025-21176. Additionally, if you've deployed self-contained applications https://docs.microsoft.com/dotnet/core/deploying/#self-contained-deployments-scd  targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry.

pub. 2025-09-08
8.8
CVSS
HIGH
CVE-2025-21176

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

pub. 2025-01-14
8.8
CVSS
HIGH
CVE-2024-38265

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

pub. 2024-10-08
8.7
CVSS
HIGH
CVE-2025-60003

A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an affected device receives a BGP update with a set of specific optional transitive attributes over an established peering session, rpd will crash and restart when attempting to advertise the received information to another peer. This issue can only happen if one or both of the BGP peers of the receiving session are non-4-byte-AS capable as determined from the advertised capabilities during BGP session establishment. Junos OS and Junos OS Evolved default behavior is 4-byte-AS capable unless this has been specifically disabled by configuring: [ protocols bgp ... disable-4byte-as ] Established BGP sessions can be checked by executing: show bgp neighbor <IP address> | match "4 byte AS" This issue affects: Junos OS:  * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S5, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R2; Junos OS Evolved:  * all versions before 22.4R3-S8-EVO, * 23.2 versions before 23.2R2-S5-EVO, * 23.4 versions before 23.4R2-S6-EVO, * 24.2 versions before 24.2R2-S2-EVO, * 24.4 versions before 24.4R2-EVO.

pub. 2026-01-15
8.6
CVSS
HIGH
CVE-2023-49285

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

pub. 2023-12-04
8.6
CVSS
HIGH
CVE-2022-20823

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.

pub. 2022-08-25
8.6
CVSS
HIGH
CVE-2022-20714

A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card.

pub. 2022-04-15
8.6
CVSS
HIGH
CVE-2021-1588

A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.

pub. 2021-08-25
8.6
CVSS
HIGH
CVE-2021-1373

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

pub. 2021-03-24
8.6
CVSS
HIGH
CVE-2020-3399

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient input validation during CAPWAP packet processing. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device, resulting in a buffer over-read. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

pub. 2020-09-24
Pokazano 20 z 455 podatności
Informacje
ID: CWE-126
Typ: Variant
Podatności: 455
MITRE CWE ↗
← Słownik CWE
CWE-126 — Przepełnienie buforu przy odczytywaniu | Słownik CWE | CVEbaza.pl