Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

CVEs (446)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-21429 1Qualcomm 1839206 Lte Modem Firmware Apq8017 FirmwareApq8064au Firmware+180 more Feb 10, 2026 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
CVE-2025-21428 1Qualcomm 699206 Lte Modem Firmware Apq8017 FirmwareAr8031 Firmware+66 more Oct 6, 2025 Apr 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session.
CVE-2025-21421 1Qualcomm 45Aqt1000 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+42 more Aug 19, 2025 Apr 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while processing escape code in API.
CVE-2024-45552 1Qualcomm 145Apq8064au Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+142 more Oct 6, 2025 Apr 7, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.
CVE-2025-32053 - - Nov 3, 2025 Apr 3, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.
CVE-2025-32052 - - Apr 22, 2026 Apr 3, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.
CVE-2025-24992 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 21h2+11 more Jul 3, 2025 Mar 11, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.
CVE-2024-12975 - - Sep 16, 2025 Mar 7, 2025 1.0 LOW· v4 N/A· v3 N/A· v2 A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.
CVE-2024-43056 1Qualcomm 187Aqt1000 Firmware Ar8035 FirmwareFastconnect 6200 Firmware+184 more Aug 11, 2025 Mar 3, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Transient DOS during hypervisor virtual I/O operation in a virtual machine.
CVE-2024-57970 - - Feb 18, 2025 Feb 16, 2025 N/A· v4 4.0 MEDIUM· v3 N/A· v2 libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.
CVE-2024-12011 - - Feb 13, 2025 Feb 13, 2025 N/A· v4 7.6 HIGH· v3 N/A· v2 A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote u...Show more A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote unauthenticated attacker can exploit this vulnerability in order to leak valid authentication tokens from the process memory associated to users currently logged to the system and bypass the authentication mechanism.Show less
CVE-2024-49839 1Qualcomm 185Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+182 more Aug 11, 2025 Feb 3, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Memory corruption during management frame processing due to mismatch in T2LM info element.
CVE-2024-49838 1Qualcomm 165Ar8035 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+162 more Feb 5, 2025 Feb 3, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Information disclosure while parsing the OCI IE with invalid length.
CVE-2024-45561 1Qualcomm 32Aqt1000 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+29 more Feb 5, 2025 Feb 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while handling IOCTL call from user-space to set latency level.
CVE-2024-38417 1Qualcomm 56Ar8035 Firmware C V2x 9150 FirmwareFastconnect 6900 Firmware+53 more Feb 5, 2025 Feb 3, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure while processing IO control commands.
CVE-2024-38416 1Qualcomm 71Ar8035 Firmware C V2x 9150 FirmwareFastconnect 6800 Firmware+68 more Feb 5, 2025 Feb 3, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure during audio playback.
CVE-2024-38414 1Qualcomm 28Fastconnect 6900 Firmware Fastconnect 7800 FirmwareQam8295p Firmware+25 more Feb 5, 2025 Feb 3, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure while processing information on firmware image during core initialization.
CVE-2024-38404 1Qualcomm 40Ar8035 Firmware Fastconnect 7800 FirmwareQca6584au Firmware+37 more Feb 5, 2025 Feb 3, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.
CVE-2025-21277 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jan 27, 2025 Jan 14, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21271 1Microsoft 5Windows 10 1809 Windows 10 21h2Windows 10 22h2+2 more Jan 27, 2025 Jan 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Previous 1...789...23 Next