CWE-127 · Buffer Under-read
8 CVEs classified under CWE-127 (Buffer Under-read). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-10395 | High | 8.6 | 2025-02-03 | No proper validation of the length of user input in http_server_get_content_type_from_extension. |
CVE-2020-5360 | High | 7.5 | 2020-12-16 | Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentiall… |
CVE-2025-20359 | Medium | 6.5 | 2025-10-15 | Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosur… |
CVE-2025-32050 | Medium | 5.9 | 2025-04-03 | A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read. |
CVE-2024-25629 | Medium | 4.4 | 2024-02-23 | c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch… |
CVE-2026-45683 | Low | 3.8 | 2026-06-02 | OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads us… |
CVE-2026-5928 | | 2026-04-20 | Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte characte… | |
CVE-2020-1918 | | 2021-03-10 | In-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory… |