VYPR

CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 1 of 124
  • CVE-2017-5030HigKEVApr 24, 2017
    risk 0.73cvss 8.8epss 0.42

    Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.

  • CVE-2016-1646HigKEVMar 29, 2016
    risk 0.73cvss 8.8epss 0.48

    The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other…

  • CVE-2014-0160HigKEVApr 7, 2014
    risk 0.72cvss 7.5epss 1.00

    The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by…

  • CVE-2026-11645HigKEVJun 9, 2026
    risk 0.69cvss 8.8epss 0.02

    Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-1999-0006CriJul 14, 1998
    risk 0.68cvss 9.8epss 0.12

    Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.

  • CVE-2026-24826CriJan 27, 2026
    risk 0.65cvss epss 0.00

    Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out-of-bounds Read, Reachable Assertion vulnerability in cadaver turso3d.This issue affects .

  • CVE-2024-28515CriApr 3, 2024
    risk 0.65cvss 9.8epss 0.02

    Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker to execute arbitrary code via the lab3 of csapp,lab3/buflab-update.pl component.

  • CVE-2017-12377CriJan 26, 2018
    risk 0.65cvss 9.8epss 0.12

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input…

  • CVE-2017-8817CriNov 29, 2017
    risk 0.65cvss 9.8epss 0.11

    The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

  • CVE-2026-5735CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2…

  • CVE-2026-2771CriFeb 24, 2026
    risk 0.64cvss 9.8epss 0.00

    Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

  • CVE-2026-22984CriJan 23, 2026
    risk 0.64cvss 9.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a possible out-of-bounds access in the callout. [ idryomov: changelog ]

  • CVE-2025-4918CriMay 17, 2025
    risk 0.64cvss 9.8epss 0.09

    An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability was fixed in Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbird 128.10.2, and Thunderbird 138.0.2.

  • CVE-2025-24265CriMar 31, 2025
    risk 0.64cvss 9.8epss 0.01

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.

  • CVE-2025-24256CriMar 31, 2025
    risk 0.64cvss 9.8epss 0.01

    The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to disclose kernel memory.

  • CVE-2025-24230CriMar 31, 2025
    risk 0.64cvss 9.8epss 0.02

    An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Playing a malicious audio file may lead…

  • CVE-2024-0794CriFeb 20, 2024
    risk 0.64cvss 9.8epss 0.01

    Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file.

  • CVE-2022-46393CriDec 15, 2022
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.

  • CVE-2019-1010295CriJul 15, 2019
    risk 0.64cvss 9.8epss 0.02

    Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: optee_os. The fixed version is: 3.4.0 and later.

  • CVE-2018-14790CriOct 1, 2018
    risk 0.64cvss 9.8epss 0.05

    Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device.