CWE-126 · Buffer Over-read

455 CVEs classified under CWE-126 (Buffer Over-read). Browse by severity and year.

Top CVEs for CWE-126
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-41898 | Critical | 9.8 | 2026-04-24 | rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk… |
| CVE-2017-17772 | Critical | 9.8 | 2024-11-26 | In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation. |
| CVE-2023-36397 | Critical | 9.8 | 2023-11-14 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2019-3563 | Critical | 9.8 | 2019-04-29 | Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances a buffer, leading to a potential underflow. This affects vers… |
| CVE-2018-14790 | Critical | 9.8 | 2018-10-01 | Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnera… |
| CVE-2017-7679 | Critical | 9.8 | 2017-06-20 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response… |
| CVE-2024-38373 | Critical | 9.6 | 2024-06-24 | FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Respon… |
| CVE-2025-12106 | Critical | 9.1 | 2025-12-01 | Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses |
| CVE-2025-55081 | Critical | 9.1 | 2025-10-15 | In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length verification of certai… |
| CVE-2023-51773 | Critical | 9.1 | 2024-02-29 | BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacapp_decode_application_data in bacapp.c. |
| CVE-2021-34584 | Critical | 9.1 | 2021-10-26 | Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of-service condition due to a crash in the CODESYS V2… |
| CVE-2019-11036 | Critical | 9.1 | 2019-05-03 | When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated… |
| CVE-2025-36855 | High | 8.8 | 2025-09-08 | A vulnerability (CVE-2025-21176 https://www.cve.org/CVERecord) exists in DiaSymReader.dll due to buffer over-read. Per CWE-126: Buffer Over-read https://c… |
| CVE-2025-21176 | High | 8.8 | 2025-01-14 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
| CVE-2024-38265 | High | 8.8 | 2024-10-08 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2023-49285 | High | 8.6 | 2023-12-04 | Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack agai… |
| CVE-2022-20823 | High | 8.6 | 2022-08-25 | A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (Do… |
| CVE-2022-20714 | High | 8.6 | 2022-04-15 | A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated… |
| CVE-2021-1588 | High | 8.6 | 2021-08-25 | A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to… |
| CVE-2021-1373 | High | 8.6 | 2021-03-24 | A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cis… |