Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

CVEs (446)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-30079 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Nov 21, 2024 Jul 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-30071 1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 more Nov 21, 2024 Jul 9, 2024 N/A· v4 4.7 MEDIUM· v3 N/A· v2 Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-21465 1Qualcomm 2579205 Lte Modem Firmware Aqt1000 FirmwareAr8031 Firmware+254 more Nov 21, 2024 Jul 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while processing key blob passed by the user.
CVE-2024-21462 1Qualcomm 309315 5g Iot Modem Firmware 9205 Lte Modem FirmwareAqt1000 Firmware+306 more Nov 21, 2024 Jul 1, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Transient DOS while loading the TA ELF file.
CVE-2024-21458 1Qualcomm 111Ar8035 Firmware Csr8811 FirmwareFastconnect 7800 Firmware+108 more Nov 21, 2024 Jul 1, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Information disclosure while handling SA query action frame.
CVE-2024-21457 1Qualcomm 111Ar8035 Firmware Csr8811 FirmwareFastconnect 7800 Firmware+108 more Nov 21, 2024 Jul 1, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 INformation disclosure while handling Multi-link IE in beacon frame.
CVE-2024-21456 1Qualcomm 42Ar8035 Firmware Fastconnect 7800 FirmwareQam8255p Firmware+39 more Nov 21, 2024 Jul 1, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Information Disclosure while parsing beacon frame in STA.
CVE-2024-38373 1Amazon 1Freertos Plus Tcp Nov 21, 2024 Jun 24, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A care...Show more FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the actual domain name length, could cause the parser to read beyond the DNS response buffer. This issue affects applications using DNS functionality of the FreeRTOS-Plus-TCP stack. Applications that do not use DNS functionality are not affected, even when the DNS functionality is enabled. This vulnerability has been patched in version 4.1.1.Show less
CVE-2024-30069 1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 more Nov 21, 2024 Jun 11, 2024 N/A· v4 4.7 MEDIUM· v3 N/A· v2 Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-23363 1Qualcomm 124Ar8035 Firmware Csr8811 FirmwareFastconnect 6900 Firmware+121 more Jan 9, 2025 Jun 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
CVE-2023-43555 1Qualcomm 113215 Mobile Firmware Aqt1000 FirmwareFastconnect 6200 Firmware+110 more Aug 11, 2025 Jun 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Information disclosure in Video while parsing mp2 clip with invalid section length.
CVE-2023-43537 1Qualcomm 111Ar8035 Firmware Csr8811 FirmwareFastconnect 6900 Firmware+108 more Aug 11, 2025 Jun 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Information disclosure while handling T2LM Action Frame in WLAN Host.
CVE-2024-30039 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Aug 27, 2025 May 14, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-21477 1Qualcomm 182Aqt1000 Firmware Ar8035 FirmwareCsr8811 Firmware+179 more Jan 15, 2025 May 6, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
CVE-2023-43528 1Qualcomm 90Ar8035 Firmware C V2x 9150 FirmwareCsrb31024 Firmware+87 more Aug 11, 2025 May 6, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.
CVE-2023-43527 1Qualcomm 53Fastconnect 6800 Firmware Fastconnect 6900 FirmwareFastconnect 7800 Firmware+50 more Aug 11, 2025 May 6, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure while parsing dts header atom in Video.
CVE-2024-28902 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Jan 8, 2025 Apr 9, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-28901 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Jan 8, 2025 Apr 9, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-28900 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Jan 8, 2025 Apr 9, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-26255 1Microsoft 9Windows 10 1809 Windows 10 21h2Windows 10 22h2+6 more Jan 8, 2025 Apr 9, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Windows Remote Access Connection Manager Information Disclosure Vulnerability

Previous 1...111213...23 Next