Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

CVEs (446)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-23359 1Qualcomm 159205 Mobile Platform Firmware 315 5g Iot Modem Firmware9205 Lte Modem Firmware+156 more Oct 3, 2025 Sep 2, 2024 N/A· v4 8.2 HIGH· v3 N/A· v2 Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.
CVE-2024-23358 1Qualcomm 53205 Mobile Platform Firmware Apq8017 FirmwareApq8037 Firmware+50 more Oct 3, 2025 Sep 2, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.
CVE-2024-7347 1F5 2Nginx Open Source Nginx Plus Nov 3, 2025 Aug 14, 2024 5.7 MEDIUM· v4 4.7 MEDIUM· v3 N/A· v2 NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue...Show more NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.Show less
CVE-2024-38135 1Microsoft 4Windows 11 22h2 Windows 11 23h2Windows 11 24h2+1 more Aug 16, 2024 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-38127 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2024-33026 1Qualcomm 164Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+161 more Nov 20, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
CVE-2024-33025 1Qualcomm 167Csr8811 Firmware Fastconnect 6800 FirmwareFastconnect 6900 Firmware+164 more Nov 20, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-33020 1Qualcomm 96Ar8035 Firmware Fastconnect 6700 FirmwareFastconnect 6800 Firmware+93 more Nov 20, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while processing TID-to-link mapping IE elements.
CVE-2024-33019 1Qualcomm 148Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+145 more Nov 20, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing the received TID-to-link mapping action frame.
CVE-2024-33018 1Qualcomm 150Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+147 more Nov 20, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.
CVE-2024-33015 1Qualcomm 192Ar8035 Firmware Csr8811 FirmwareFastconnect 6200 Firmware+189 more Nov 20, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
CVE-2024-33014 1Qualcomm 319315 5g Iot Modem Firmware 860 Mobile Platform FirmwareApq8064au Firmware+316 more Nov 20, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing ESP IE from beacon/probe response frame.
CVE-2024-33013 1Qualcomm 169Ar8035 Firmware Csr8811 FirmwareFastconnect 6700 Firmware+166 more Nov 26, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
CVE-2024-33012 1Qualcomm 247Ar8035 Firmware Ar9380 FirmwareCsr8811 Firmware+244 more Nov 26, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33011 1Qualcomm 247Ar8035 Firmware Ar9380 FirmwareCsr8811 Firmware+244 more Nov 26, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
CVE-2024-23353 1Qualcomm 247205 Mobile Platform Firmware 215 Mobile Platform Firmware315 5g Iot Modem Firmware+244 more Nov 26, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
CVE-2024-21479 1Qualcomm 94Ar8035 Firmware Fastconnect 6700 FirmwareFastconnect 6800 Firmware+91 more Nov 26, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS during music playback of ALAC content.
CVE-2024-21467 1Qualcomm 129Csr8811 Firmware Fastconnect 6800 FirmwareFastconnect 6900 Firmware+126 more Nov 26, 2024 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Information disclosure while handling beacon probe frame during scan entry generation in client side.
CVE-2024-21459 1Qualcomm 175Ar8035 Firmware Ar9380 FirmwareCsr8811 Firmware+172 more Aug 15, 2025 Aug 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Information disclosure while handling beacon or probe response frame in STA.
CVE-2024-38071 1Microsoft 6Windows Server 2008 Windows Server 2012Windows Server 2016+3 more Nov 21, 2024 Jul 9, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Windows Remote Desktop Licensing Service Denial of Service Vulnerability

Previous 1...101112...23 Next