CWE-126

Buffer Over-read

Parent: CWE-125 - Out-of-bounds Read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

449 vulnerabilities with CWE-126
CVE-2025-53736 MEDIUM
Microsoft Office Word - Info Disclosure
CVSS 6.8
CVE-2025-27068 HIGH
Qualcomm FastConnect and Snapdragon Firmware - Memory Corruption via IOCTL
CVSS 7.8
CVE-2025-27065 HIGH
Qualcomm AR8035 Firmware - Denial of Service via Malformed Shared-Key Descriptor
CVSS 7.5
CVE-2025-21457 MEDIUM
Qualcomm AR8035 Firmware - Information Disclosure via Unsanitized Domain in FastRPC Session
CVSS 6.1
CVE-2025-7745 MEDIUM
ABB AC500 V2 -<2.5.2 - Buffer Overflow
CVSS 5.8
CVE-2025-49684 MEDIUM
Windows 10/11 Storage Port Driver Authenticated Information Disclosure via Buffer Over-read
CVSS 5.5
CVE-2025-49659 HIGH
Windows TDX.sys - Authenticated Buffer Over-read
CVSS 7.8
CVE-2025-47973 HIGH
Windows 10/11, Server 2008 - Unauthenticated Privilege Escalation via VHDX Buffer Over-read
CVSS 7.8
CVE-2025-47971 HIGH
Windows 10/11, Server 2008 - Unauthenticated Privilege Escalation via VHDX Buffer Over-read
CVSS 7.8
CVE-2025-27057 HIGH
Qualcomm Wi-Fi Firmware - Denial of Service via Invalid Beacon Frame IE Header
CVSS 7.5
CVE-2025-27055 HIGH
Product <Version - Memory Corruption
CVSS 7.8
CVE-2025-21454 HIGH
Qualcomm Firmware - Denial of Service via Beacon Frame Processing
CVSS 7.5
CVE-2025-21449 HIGH
Qualcomm Snapdragon and Smart Audio Platform Firmware - Denial of Service via Malformed SSID IE Length Field
CVSS 7.5
CVE-2025-21446 HIGH
Qualcomm FastConnect and Immersive Home Firmware - Denial of Service via WLAN Frame BTM Request Parsing
CVSS 7.5
CVE-2025-21427 HIGH
Qualcomm Snapdragon and Smart Display Firmware - Out-of-bounds Read in RTP Packet Payload Decoding
CVSS 8.2
CVE-2025-24068 MEDIUM
Windows 10/11, Server 2016-2019 Authenticated Info Disclosure via Buffer Over-read
CVSS 5.5
CVE-2025-27029 HIGH
Qualcomm FastConnect 7800 Firmware - Denial of Service via Tone Measurement Response Buffer
CVSS 7.5
CVE-2025-21463 HIGH
Qualcomm AR8035 Firmware - Denial of Service via EHT Operation IE Processing
CVSS 7.5
CVE-2025-47295 LOW
FortiOS 7.0.0-7.0.14, 7.2.0-7.2.7, 7.4.0-7.4.3 - Unauthenticated Denial of Service via FGFM Daemon Buffer Over-Read
CVSS 3.7
CVE-2025-32704 HIGH
Microsoft Excel - Out-of-bounds Read
CVSS 8.4
CVE-2025-29956 MEDIUM
Windows 10 1507-22H2 and Windows 11 22H2 - Authenticated Information Disclosure via SMB Buffer Over-Read
CVSS 5.4
CVE-2025-4207 MEDIUM
PostgreSQL <17.5-13.21 - Buffer Overflow
CVSS 5.9
CVE-2025-21475 HIGH
Qualcomm AQT1000 Firmware - Out-of-bounds Read via DisplayId Escape Code Processing
CVSS 7.8
CVE-2025-21459 HIGH
Qualcomm SA7775P Firmware - Denial of Service via ML IE Parsing
CVSS 7.5
CVE-2025-26676 MEDIUM
Windows Server RRAS Unauthenticated Information Disclosure via Buffer Over-read
CVSS 6.5
Details
Vulnerabilities 449
Links
MITRE CWE Entry Search this CWE With Exploits