Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

CVEs (446)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-21457 1Qualcomm 15Ar8035 Firmware Fastconnect 7800 FirmwareQca6584au Firmware+12 more Aug 19, 2025 Aug 6, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Information disclosure while opening a fastrpc session when domain is not sanitized.
CVE-2023-53159 1Sfackler 1Openssl Aug 7, 2025 Jul 28, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host.
CVE-2025-7745 - - Jul 25, 2025 Jul 24, 2025 6.9 MEDIUM· v4 5.8 MEDIUM· v3 N/A· v2 Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2.
CVE-2025-49684 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Jul 15, 2025 Jul 8, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.
CVE-2025-49659 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jul 15, 2025 Jul 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.
CVE-2025-47973 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jul 14, 2025 Jul 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
CVE-2025-47971 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jul 14, 2025 Jul 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
CVE-2025-27057 1Qualcomm 210Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+207 more Sep 25, 2025 Jul 8, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while handling beacon frames with invalid IE header length.
CVE-2025-27055 1Qualcomm 40Aqt1000 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+37 more Aug 11, 2025 Jul 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption during the image encoding process.
CVE-2025-21454 1Qualcomm 185315 5g Iot Modem Firmware 9206 Lte Modem FirmwareApq8017 Firmware+182 more Aug 11, 2025 Jul 8, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while processing received beacon frame.
CVE-2025-21449 1Qualcomm 180315 5g Iot Firmware Apq8017 FirmwareApq8064au Firmware+177 more Feb 10, 2026 Jul 8, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS may occur while processing malformed length field in SSID IEs.
CVE-2025-21446 1Qualcomm 235Ar8035 Firmware Ar9380 FirmwareCsr8811 Firmware+232 more Aug 11, 2025 Jul 8, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
CVE-2025-21427 1Qualcomm 173205 Mobile Firmware 215 Mobile FirmwareApq8064au Firmware+170 more Feb 11, 2026 Jul 8, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
CVE-2025-24068 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Jul 8, 2025 Jun 10, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-27029 1Qualcomm 67Fastconnect 7800 Firmware Immersive Home 3210 Platform FirmwareImmersive Home 326 Platform Firmware+64 more Aug 20, 2025 Jun 3, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.
CVE-2025-21463 1Qualcomm 210Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+207 more Nov 28, 2025 Jun 3, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while processing the EHT operation IE in the received beacon frame.
CVE-2024-53026 1Qualcomm 232205 Mobile Platform Firmware 215 Mobile Platform FirmwareApq8017 Firmware+229 more Nov 28, 2025 Jun 3, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
CVE-2024-53021 1Qualcomm 223205 Mobile Platform Firmware 215 Mobile Platform FirmwareApq8017 Firmware+220 more Nov 28, 2025 Jun 3, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Information disclosure may occur while processing goodbye RTCP packet from network.
CVE-2024-53020 1Qualcomm 232205 Mobile Platform Firmware 215 Mobile Platform FirmwareApq8017 Firmware+229 more Nov 28, 2025 Jun 3, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
CVE-2024-53019 1Qualcomm 79Fastconnect 6200 Firmware Fastconnect 6700 FirmwareFastconnect 6900 Firmware+76 more Aug 20, 2025 Jun 3, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.

Previous 1...567...23 Next