Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

CVEs (446)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-43572 1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 more Nov 21, 2024 Nov 8, 2023 N/A· v4 4.4 MEDIUM· v3 N/A· v2 A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.
CVE-2023-43568 1Lenovo 111Ideacentre 3 07ada05 Firmware Ideacentre 3 07imb05 FirmwareIdeacentre 5 14acn6 Firmware+108 more Nov 21, 2024 Nov 8, 2023 N/A· v4 4.4 MEDIUM· v3 N/A· v2 A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.
CVE-2023-33061 1Qualcomm 114Ar8035 Firmware Csr8811 FirmwareImmersive Home 214 Platform Firmware+111 more Nov 21, 2024 Nov 7, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.
CVE-2023-33048 1Qualcomm 114Ar8035 Firmware Csr8811 FirmwareImmersive Home 214 Platform Firmware+111 more Nov 21, 2024 Nov 7, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS in WLAN Firmware while parsing t2lm buffers.
CVE-2023-33047 1Qualcomm 177Ar8035 Firmware Ar9380 FirmwareCsr8811 Firmware+174 more Aug 11, 2025 Nov 7, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS in WLAN Firmware while parsing no-inherit IES.
CVE-2023-28572 1Qualcomm 54Csrb31024 Firmware Fastconnect 6800 FirmwareFastconnect 6900 Firmware+51 more Nov 21, 2024 Nov 7, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.
CVE-2023-28569 1Qualcomm 207Aqt1000 Firmware Ar9380 FirmwareCsr8811 Firmware+204 more Aug 11, 2025 Nov 7, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure in WLAN HAL while handling command through WMI interfaces.
CVE-2023-28568 1Qualcomm 87Aqt1000 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+84 more Nov 21, 2024 Nov 7, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure in WLAN HAL when reception status handler is called.
CVE-2023-28566 1Qualcomm 124Aqt1000 Firmware Csrb31024 FirmwareFastconnect 6200 Firmware+121 more Aug 11, 2025 Nov 7, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure in WLAN HAL while handling the WMI state info command.
CVE-2023-28563 1Qualcomm 229Aqt1000 Firmware Ar8031 FirmwareAr8035 Firmware+226 more Aug 11, 2025 Nov 7, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure in IOE Firmware while handling WMI command.
CVE-2023-28554 1Qualcomm 146Aqt1000 Firmware Ar9380 FirmwareC V2x 9150 Firmware+143 more Aug 11, 2025 Nov 7, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
CVE-2023-28553 1Qualcomm 142Ar8035 Firmware Ar9380 FirmwareCsr8811 Firmware+139 more Nov 21, 2024 Nov 7, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information Disclosure in WLAN Host when processing WMI event command.
CVE-2023-36581 1Microsoft 12Windows 10 Windows 10 1607Windows 10 1809+9 more Dec 12, 2024 Oct 10, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-33027 1Qualcomm 327315 5g Iot Modem Firmware 8098 Firmware8998 Firmware+324 more Aug 11, 2025 Oct 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS in WLAN Firmware while parsing rsn ies.
CVE-2023-33026 1Qualcomm 194Ar8035 Firmware Ar9380 FirmwareCsr8811 Firmware+191 more Aug 11, 2025 Oct 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Transient DOS in WLAN Firmware while parsing a NAN management frame.
CVE-2023-28571 1Qualcomm 858098 Firmware 8998 FirmwareApq8064au Firmware+82 more Aug 11, 2025 Oct 3, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.
CVE-2023-24849 1Qualcomm 236315 5g Iot Modem Firmware 9206 Lte Modem Firmware9207 Lte Modem Firmware+233 more Aug 11, 2025 Oct 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
CVE-2023-24848 1Qualcomm 242315 5g Iot Modem Firmware 9206 Lte Modem Firmware9207 Lte Modem Firmware+239 more Aug 11, 2025 Oct 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
CVE-2023-22385 1Qualcomm 239315 5g Iot Modem Firmware 9205 Lte Modem Firmware9206 Lte Modem Firmware+236 more Aug 11, 2025 Oct 3, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
CVE-2023-38152 1Microsoft 5Windows Server 2008 Windows Server 2012Windows Server 2016+2 more Nov 21, 2024 Sep 12, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 DHCP Server Service Information Disclosure Vulnerability

Previous 1...141516...23 Next