Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

CVEs (446)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-47295 1Fortinet 1Fortios Jun 4, 2025 May 28, 2025 N/A· v4 3.7 LOW· v3 N/A· v2 A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the FGFM daemon via a specially cr...Show more A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the FGFM daemon via a specially crafted request, under rare conditions that are outside of the attacker's control.Show less
CVE-2024-52879 1Insyde 1Insydeh2o Aug 15, 2025 May 15, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61....Show more An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, SmmUpdateVariablePropertySmi () is a SMM callback function and it uses StrCmp () to compare variable names. This action may cause a buffer over-read.Show less
CVE-2024-52878 1Insyde 1Insydeh2o Aug 15, 2025 May 15, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61....Show more An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, VariableServicesSetVariable () can be called by gRT_>SetVariable () or the SmmSetSensitiveVariable () or SmmInternalSetVariable () from SMM. In VariableServicesSetVariable (), it uses StrSize () to get variable name size, uses StrLen () to get variable name length and uses StrCmp () to compare strings. These actions may cause a buffer over-read.Show less
CVE-2024-52877 1Insyde 1Insydeh2o Aug 15, 2025 May 15, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61....Show more An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, callback function SmmCreateVariableLockList () calls CreateVariableLockListInSmm (). In CreateVariableLockListInSmm (), it uses StrSize () to get variable name size and it could lead to a buffer over-read.Show less
CVE-2025-32704 1Microsoft 4365 Apps ExcelOffice+1 more May 19, 2025 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29956 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more May 19, 2025 May 13, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.
CVE-2025-4207 - - May 12, 2025 May 8, 2025 N/A· v4 5.9 MEDIUM· v3 N/A· v2 Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the d...Show more Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.Show less
CVE-2025-21475 1Qualcomm 40Aqt1000 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+37 more Aug 11, 2025 May 6, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
CVE-2025-21459 1Qualcomm 123Ar8035 Firmware Fastconnect 6700 FirmwareFastconnect 6900 Firmware+120 more Aug 11, 2025 May 6, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing per STA profile in ML IE.
CVE-2024-49847 1Qualcomm 47Ar8035 Firmware Fastconnect 7800 FirmwareQca6574au Firmware+44 more May 9, 2025 May 6, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.
CVE-2024-49846 1Qualcomm 31Ar8035 Firmware Fastconnect 7800 FirmwareQca6574au Firmware+28 more May 9, 2025 May 6, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Memory corruption while decoding of OTA messages from T3448 IE.
CVE-2024-45568 1Qualcomm 13Fastconnect 6900 Firmware Fastconnect 7800 FirmwareSdm429w Firmware+10 more May 9, 2025 May 6, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption due to improper bounds check while command handling in camera-kernel driver.
CVE-2025-26676 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 9, 2025 Apr 8, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-26672 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jul 9, 2025 Apr 8, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-26664 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 10, 2025 Apr 8, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-21203 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 10, 2025 Apr 8, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-21448 1Qualcomm 267315 5g Iot Modem Firmware Aqt1000 FirmwareAr8035 Firmware+264 more Oct 6, 2025 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS may occur while parsing SSID in action frames.
CVE-2025-21435 1Qualcomm 149Ar8035 Firmware Csr8811 FirmwareFastconnect 6800 Firmware+146 more Oct 6, 2025 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS may occur while parsing extended IE in beacon.
CVE-2025-21434 1Qualcomm 121Ar8035 Firmware Fastconnect 6700 FirmwareFastconnect 6900 Firmware+118 more Oct 6, 2025 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS may occur while parsing EHT operation IE or EHT capability IE.
CVE-2025-21430 1Qualcomm 223315 5g Iot Modem Firmware Apq8017 FirmwareApq8064au Firmware+220 more Oct 6, 2025 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.

Previous 1...678...23 Next