CWE-125

Out-of-bounds Read

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product reads data past the end, or before the beginning, of the intended buffer.

8,471 vulnerabilities with CWE-125
CVE-2026-27596 HIGH
Exiv2 <0.28.8 - Memory Corruption
CVSS 7.5
CVE-2026-25884 HIGH
Exiv2 <0.28.8 - Memory Corruption
CVSS 8.1
CVE-2026-0035 HIGH
MediaProvider - Privilege Escalation
CVSS 8.4
CVE-2026-23865 MEDIUM
Freetype 2.13.2-2.13.3 - Memory Corruption
CVSS 5.3
CVE-2026-20429 MEDIUM
Display - Info Disclosure
CVSS 4.4
CVE-2026-20424 MEDIUM
Display - Info Disclosure
CVSS 4.4
CVE-2026-3391 LOW
FascinatedBox lily <2.3 - Memory Corruption
CVSS 3.3
CVE-2026-3390 LOW
FascinatedBox lily <=2.3 - Memory Corruption
CVSS 3.3
CVE-2026-3386 LOW
wren-lang wren <=0.4.0 - Memory Corruption
CVSS 3.3
CVE-2026-28420 MEDIUM
Vim <9.2.0076 - Buffer Overflow
CVSS 4.4
CVE-2026-28419 MEDIUM
Vim <9.2.0075 - Memory Corruption
CVSS 5.3
CVE-2026-28418 MEDIUM
Vim <9.2.0074 - Buffer Overflow
CVSS 4.4
CVE-2026-28231 CRITICAL
pillow_heif <1.3.0 - Memory Corruption
CVSS 9.1
CVE-2026-22717 LOW
VMware Workstation <25H1 - Info Disclosure
CVSS 2.7
CVE-2026-3285 LOW
berry-lang berry <=1.1.0 - Memory Corruption
CVSS 3.3
CVE-2026-3283 LOW
libvips 8.19.0 - Memory Corruption
CVSS 3.3
CVE-2026-3282 LOW
libvips 8.19.0 - Memory Corruption
CVSS 3.3
CVE-2026-27831 HIGH
rldns 2.3 - DoS
CVSS 7.5
CVE-2026-27798 MEDIUM
ImageMagick <7.1.2-15/6.9.13-40 - Buffer Overflow
CVSS 4.0
CVE-2026-27711 MEDIUM
NanaZip 5.0.1252.0-6.0.1637.0 - Memory Corruption
CVSS 6.6
CVE-2026-27709 MEDIUM
NanaZip 5.0.1252.0-6.0.1637.0 - Info Disclosure
CVSS 6.6
CVE-2026-25942 HIGH
FreeRDP <3.23.0 - Memory Corruption
CVSS 7.5
CVE-2026-25941 MEDIUM
FreeRDP 2.x-3.x - Info Disclosure
CVSS 4.3
CVE-2026-27692 HIGH
iccDEV <=2.3.1.4 - Memory Corruption
CVSS 7.1
CVE-2026-0402 MEDIUM
SonicOS - Memory Corruption
CVSS 4.9
Details
Vulnerabilities 8,471
Links
MITRE CWE Entry Search this CWE With Exploits