VYPR

CWE-126

Buffer Over-read

VariantDraft

Description

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (65)

page 2 of 4
  • CVE-2026-4371HigMar 24, 2026
    risk 0.48cvss 7.4epss 0.00

    A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird…

  • CVE-2024-31082HigApr 4, 2024
    risk 0.47cvss 7.3epss 0.00

    A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a…

  • CVE-2024-31081HigApr 4, 2024
    risk 0.47cvss 7.3epss 0.01

    A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a…

  • CVE-2024-31080HigApr 4, 2024
    risk 0.47cvss 7.3epss 0.01

    A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a…

  • CVE-2026-37532HigMay 1, 2026
    risk 0.46cvss 7.1epss 0.00

    AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive (receive.c:87-89), the payload_length for a Single Frame is extracted from a 4-bit nibble in the CAN frame data, yielding values 0-15. However, a…

  • CVE-2025-47400HigApr 6, 2026
    risk 0.46cvss 7.1epss 0.00

    Cryptographic issue while copying data to a destination buffer without validating its size.

  • CVE-2025-4582HigSep 23, 2025
    risk 0.46cvss 7.1epss 0.00

    Buffer Over-read, Off-by-one Error vulnerability in RTI Connext Professional (Core Libraries) allows File Manipulation, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.8, from 6.1.0 before 6.1.2.26, from 6.0.0 before…

  • CVE-2009-2495MedJul 29, 2009
    risk 0.46cvss 6.5epss 0.42

    The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via…

  • CVE-2025-47403MedMay 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.

  • CVE-2025-47401MedMay 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Transient DOS when processing target power rate tables during channel configuration.

  • CVE-2026-34059HigMay 4, 2026
    risk 0.42cvss 7.5epss 0.00

    Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

  • CVE-2026-6238MedApr 28, 2026
    risk 0.42cvss 6.5epss 0.00

    The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS…

  • CVE-2026-26155MedApr 14, 2026
    risk 0.42cvss 6.5epss 0.01

    Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

  • CVE-2026-2394MedApr 1, 2026
    risk 0.42cvss 6.5epss 0.00

    Buffer Over-read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from 4.3x…

  • CVE-2025-32053MedApr 3, 2025
    risk 0.42cvss 6.5epss 0.01

    A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.

  • CVE-2025-32052MedApr 3, 2025
    risk 0.42cvss 6.5epss 0.01

    A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.

  • CVE-2026-44185HigJun 8, 2026
    risk 0.40cvss 7.3epss 0.00

    Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

  • CVE-2025-47406MedMay 4, 2026
    risk 0.40cvss 6.1epss 0.00

    Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.

  • CVE-2026-26169MedApr 14, 2026
    risk 0.40cvss 6.1epss 0.02

    Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally.

  • CVE-2025-7745MedJul 24, 2025
    risk 0.38cvss 5.8epss 0.00

    Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2.