Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

CVEs (446)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-43595 1Microsoft 1Edge Chromium Oct 18, 2024 Oct 17, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2024-43500 1Microsoft 4Windows 11 22h2 Windows 11 23h2Windows 11 24h2+1 more Oct 17, 2024 Oct 8, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Windows Resilient File System (ReFS) Information Disclosure Vulnerability
CVE-2024-38265 1Microsoft 6Windows Server 2008 Windows Server 2012Windows Server 2016+3 more Oct 22, 2024 Oct 8, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38261 1Microsoft 6Windows Server 2008 Windows Server 2012Windows Server 2016+3 more Oct 22, 2024 Oct 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38397 1Qualcomm 115Ar8035 Firmware Fastconnect 6700 FirmwareFastconnect 6900 Firmware+112 more Aug 11, 2025 Oct 7, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing probe response and assoc response frame.
CVE-2024-33073 1Qualcomm 158Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+155 more Aug 11, 2025 Oct 7, 2024 N/A· v4 8.2 HIGH· v3 N/A· v2 Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-33071 1Qualcomm 5Mdm9628 Firmware Qca6564a FirmwareQca6564au Firmware+2 more Oct 16, 2024 Oct 7, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0.
CVE-2024-33070 1Qualcomm 5Mdm9628 Firmware Qca6564a FirmwareQca6564au Firmware+2 more Oct 16, 2024 Oct 7, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing ESP IE from beacon/probe response frame.
CVE-2024-33064 1Qualcomm 5Mdm9628 Firmware Qca6564a FirmwareQca6564au Firmware+2 more Oct 16, 2024 Oct 7, 2024 N/A· v4 8.2 HIGH· v3 N/A· v2 Information disclosure while parsing the multiple MBSSID IEs from the beacon.
CVE-2024-33049 1Qualcomm 131Csr8811 Firmware Fastconnect 6700 FirmwareFastconnect 7800 Firmware+128 more Aug 11, 2025 Oct 7, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
CVE-2024-9029 1Freeimage Project 1Freeimage Aug 8, 2025 Sep 27, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the read_iptc_profile function in the Source/Metadata/IPTC.cpp file because the size of the profile is not b...Show more A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the read_iptc_profile function in the Source/Metadata/IPTC.cpp file because the size of the profile is not being sanitized, causing a crash in the application linked to the library, resulting in a denial of service.Show less
CVE-2024-43475 1Microsoft 1Windows Server 2008 Sep 13, 2024 Sep 10, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Microsoft Windows Admin Center Information Disclosure Vulnerability
CVE-2024-38250 1Microsoft 16Office Office Long Term Servicing ChannelWindows 10 1507+13 more Sep 17, 2024 Sep 10, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-33057 1Qualcomm 170Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+167 more Aug 11, 2025 Sep 2, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
CVE-2024-33051 1Qualcomm 282315 5g Iot Firmware 9206 Lte FirmwareApq8017 Firmware+279 more Aug 11, 2025 Sep 2, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
CVE-2024-33050 1Qualcomm 252Ar8035 Firmware Ar9380 FirmwareCsr8811 Firmware+249 more Aug 11, 2025 Sep 2, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVE-2024-33048 1Qualcomm 187Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+184 more Aug 11, 2025 Sep 2, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
CVE-2024-33047 1Qualcomm 24Fastconnect 6700 Firmware Fastconnect 6900 FirmwareFastconnect 7800 Firmware+21 more Aug 11, 2025 Sep 2, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption when the captureRead QDCM command is invoked from user-space.
CVE-2024-33043 1Qualcomm 197205 Mobile Platform Firmware 215 Mobile Platform FirmwareApq8017 Firmware+194 more Dec 20, 2024 Sep 2, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Transient DOS while handling PS event when Program Service name length offset value is set to 255.
CVE-2024-23364 1Qualcomm 177Ar8035 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+174 more Oct 3, 2025 Sep 2, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).

Previous 1...91011...23 Next