VYPR

CWE-125

Out-of-bounds Read

BaseDraft

Description

The product reads data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-540

CVEs mapped to this weakness (2,466)

page 101 of 124
  • CVE-2026-9803MedMay 28, 2026
    risk 0.34cvss 5.3epss 0.00

    A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an…

  • CVE-2026-8546MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8543MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity:…

  • CVE-2026-8541MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8535MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. (Chromium security severity:…

  • CVE-2026-5886MedApr 8, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-41728MedJan 27, 2026
    risk 0.34cvss 5.3epss 0.00

    A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and…

  • CVE-2025-10933MedJan 5, 2026
    risk 0.34cvss epss 0.00

    An integer underflow vulnerability in the Silicon Labs Z-Wave Protocol Controller can lead to out of bounds memory reads.

  • CVE-2025-15412MedJan 1, 2026
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decompiler::VarName of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. Such manipulation leads to out-of-bounds read. Local access is…

  • CVE-2025-67749MedDec 12, 2025
    risk 0.34cvss epss 0.00

    PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. In versions 2.5.377 and below, an unchecked offset and size used in a memcpy operation inside PCSX2's CDVD SCMD 0x91 and SCMD 0x8F handlers allow a specially crafted disc image or ELF to cause an out-of-bounds read…

  • CVE-2023-43694MedAug 14, 2025
    risk 0.34cvss 5.2epss 0.00

    An issue was discovered in Malwarebytes 4.6.14.326 and before and 5.1.5.116 and before (and Nebula 2020-10-21 and later). An Out of bounds read in several disassembling utilities causes stability issues and denial of service.

  • CVE-2025-23406MedFeb 14, 2025
    risk 0.34cvss 5.3epss 0.00

    Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to cause the affected product crashed.

  • CVE-2024-54518MedJan 27, 2025
    risk 0.34cvss 5.3epss 0.00

    The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.

  • CVE-2024-44246MedDec 12, 2024
    risk 0.34cvss 5.3epss 0.01

    The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the…

  • CVE-2022-20766MedNov 15, 2024
    risk 0.34cvss 5.3epss 0.01

    A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to an out-of-bounds read…

  • CVE-2023-20509MedAug 13, 2024
    risk 0.34cvss 5.2epss 0.00

    An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity.

  • CVE-2021-39218MedSep 17, 2021
    risk 0.34cvss 6.3epss 0.00

    Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses `externref`s in…

  • CVE-2021-29613MedMay 14, 2021
    risk 0.34cvss 6.3epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2,…

  • CVE-2017-15853MedApr 3, 2018
    risk 0.34cvss 5.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing PTT commands, ptt_sock_send_msg_to_app() is invoked without validating the packet length. If the…

  • CVE-2017-15837MedApr 3, 2018
    risk 0.34cvss 5.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a policy for the packet pattern attribute NL80211_PKTPAT_OFFSET is not defined which can lead to a buffer over-read…