CWE-125

Out-of-bounds Read

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product reads data past the end, or before the beginning, of the intended buffer.

8,896 vulnerabilities with CWE-125
CVE-2022-31630 MEDIUM
PHP <7.4.33, 8.0.25, 8.1.12 - Memory Corruption
CVSS 6.5
CVE-2022-26369 MEDIUM
Intel XMM 7560 Firmware < M2_7560_R_01.2146.00 - Out-of-bounds Read
CVSS 6.2
CVE-2022-41873 MEDIUM
contiki-ng < 4.9 - Out-of-bounds Read in L2CAP Channel ID Processing
CVSS 4.2
CVE-2022-36938 CRITICAL
Facebook Redex < 2022-11-04 - Out-of-bounds Read in DexLoader get_stringidx_fromdex()
CVSS 9.8
CVE-2022-39392 MEDIUM
Wasmtime < 1.0.2 and 2.0.0-2.0.2 - Memory Corruption via Pooling Instance Allocator Misconfiguration
CVSS 5.9
CVE-2022-39891 MEDIUM
Samsung Editor Lite < 4.0.41.3 - Out-of-bounds Read in parse_pce Function
CVSS 4.3
CVE-2022-39881 MEDIUM
Exynos Firmware - Out-of-bounds Read via SIB12 PDU Processing
CVSS 5.3
CVE-2022-3447 MEDIUM
Google Chrome < 106.0.5249.119 - URL Spoofing via Custom Tabs
CVSS 4.3
CVE-2022-32602 MEDIUM
Android - Out-of-Bounds Read in Keyinstall
CVSS 5.5
CVE-2022-21778 MEDIUM
Android - Out-of-bounds Read in vpu
CVSS 6.7
CVE-2022-44311 HIGH
html2xhtml v1.3 - Memory Corruption
CVSS 8.1
CVE-2022-41662 HIGH
JT2Go, Teamcenter Visualization <V14.1.0.4 - RCE
CVSS 7.8
CVE-2022-41661 HIGH
JT2Go, Teamcenter Visualization <V14.1.0.4 - RCE
CVSS 7.8
CVE-2022-39157 HIGH
Parasolid V34.0/V34.1/V35.0 Out-of-bounds Read via X_T File Parsing
CVSS 7.8
CVE-2022-43359 HIGH
Gifdec <commit 1dcbae19363597314f6623010cc80abad4e47f7c - Memory Co...
CVSS 7.8
CVE-2022-42905 CRITICAL
wolfssl < 5.5.2 - Heap Buffer Over-Read via WOLFSSL_CALLBACKS
CVSS 9.1
CVE-2022-43995 HIGH
sudo 1.8.0-1.9.12 - Heap-Based Buffer Over-Read via Password Input
CVSS 7.1
CVE-2022-32936 MEDIUM
macOS < 13.0 - Out-of-bounds Read
CVSS 5.5
CVE-2022-44081 MEDIUM
Lodepng <20220717 - Memory Corruption
CVSS 5.5
CVE-2022-43282 HIGH
wasm-interp <1.0.29 - Memory Corruption
CVSS 7.1
CVE-2022-43280 HIGH
wasm-interp <1.0.29 - Memory Corruption
CVSS 7.1
CVE-2022-39836 MEDIUM
diagnostic_log_and_trace < 2.18.8 - Heap-Based Buffer Over-Read via DLT File Parser
CVSS 5.5
CVE-2022-38436 HIGH
Adobe Illustrator <26.4, 25.4.7 - Code Injection
CVSS 7.8
CVE-2022-35271 HIGH
Robustel R1510 Firmware 3.1.16 and 3.3.0 - Denial of Service via Web Server hashFirst Functionality
CVSS 7.5
CVE-2022-35270 HIGH
Robustel R1510 Firmware 3.1.16 and 3.3.0 - Denial of Service via Web Server hashFirst Functionality
CVSS 7.5
Details
Vulnerabilities 8,896