Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-27831

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-26 Feb, 2026 | 00:11
Updated At-27 Feb, 2026 | 15:24
Rejected At-
Credits

rldns Vulnerable to Heap-based Out-of-Bounds Read

rldns is an open source DNS server. Version 1.3 has a heap-based out-of-bounds read that leads to denial of service. Version 1.4 contains a patch for the issue.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:26 Feb, 2026 | 00:11
Updated At:27 Feb, 2026 | 15:24
Rejected At:
▼CVE Numbering Authority (CNA)
rldns Vulnerable to Heap-based Out-of-Bounds Read

rldns is an open source DNS server. Version 1.3 has a heap-based out-of-bounds read that leads to denial of service. Version 1.4 contains a patch for the issue.

Affected Products
Vendor
bluedragonsecurity
Product
rldns
Versions
Affected
  • = 1.3
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/bluedragonsecurity/rldns/security/advisories/GHSA-fv38-45j4-g9x4
x_refsource_CONFIRM
https://github.com/bluedragonsecurity/rldns-1.3-heap-out-of-bounds-vulnerability-fixed-in-rldns-1.4
x_refsource_MISC
https://github.com/bluedragonsecurity/rldns_archives/blob/main/diff/rldns-1.4.diff
x_refsource_MISC
https://medium.com/@w1sdom/heap-based-buffer-over-read-vulnerability-in-rldns-1-3-5da3bccdc031
x_refsource_MISC
Hyperlink: https://github.com/bluedragonsecurity/rldns/security/advisories/GHSA-fv38-45j4-g9x4
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/bluedragonsecurity/rldns-1.3-heap-out-of-bounds-vulnerability-fixed-in-rldns-1.4
Resource:
x_refsource_MISC
Hyperlink: https://github.com/bluedragonsecurity/rldns_archives/blob/main/diff/rldns-1.4.diff
Resource:
x_refsource_MISC
Hyperlink: https://medium.com/@w1sdom/heap-based-buffer-over-read-vulnerability-in-rldns-1-3-5da3bccdc031
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/bluedragonsecurity/rldns/security/advisories/GHSA-fv38-45j4-g9x4
exploit
Hyperlink: https://github.com/bluedragonsecurity/rldns/security/advisories/GHSA-fv38-45j4-g9x4
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:26 Feb, 2026 | 01:16
Updated At:27 Feb, 2026 | 16:16

rldns is an open source DNS server. Version 1.3 has a heap-based out-of-bounds read that leads to denial of service. Version 1.4 contains a patch for the issue.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-125Secondarysecurity-advisories@github.com
CWE ID: CWE-125
Type: Secondary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/bluedragonsecurity/rldns-1.3-heap-out-of-bounds-vulnerability-fixed-in-rldns-1.4security-advisories@github.com
N/A
https://github.com/bluedragonsecurity/rldns/security/advisories/GHSA-fv38-45j4-g9x4security-advisories@github.com
N/A
https://github.com/bluedragonsecurity/rldns_archives/blob/main/diff/rldns-1.4.diffsecurity-advisories@github.com
N/A
https://medium.com/@w1sdom/heap-based-buffer-over-read-vulnerability-in-rldns-1-3-5da3bccdc031security-advisories@github.com
N/A
https://github.com/bluedragonsecurity/rldns/security/advisories/GHSA-fv38-45j4-g9x4134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://github.com/bluedragonsecurity/rldns-1.3-heap-out-of-bounds-vulnerability-fixed-in-rldns-1.4
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/bluedragonsecurity/rldns/security/advisories/GHSA-fv38-45j4-g9x4
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/bluedragonsecurity/rldns_archives/blob/main/diff/rldns-1.4.diff
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://medium.com/@w1sdom/heap-based-buffer-over-read-vulnerability-in-rldns-1-3-5da3bccdc031
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/bluedragonsecurity/rldns/security/advisories/GHSA-fv38-45j4-g9x4
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

535Records found
CVE-2025-30176
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.94%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-03 Oct, 2025 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-totally_integrated_automation_portaluser_management_componentsinec_nmssimatic_pcs_neosinema_remote_connectTotally Integrated Automation Portal (TIA Portal) V19SIMATIC PCS neo V4.1Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V20SINEC NMSTotally Integrated Automation Portal (TIA Portal) V18SINEMA Remote ConnectSIMATIC PCS neo V5.0User Management Component (UMC)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-0400
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.84%
||
7 Day CHG~0.00%
Published-29 Aug, 2022 | 14:03
Updated-02 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelkernel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-29971
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-2.78% / 85.81%
||
7 Day CHG+0.21%
Published-13 May, 2025 | 16:58
Updated-13 Feb, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Web Threat Defense (WTD.sys) Denial of Service Vulnerability

Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_23h2windows_11_22h2windows_11_24h2Windows 11 version 22H2Windows 11 Version 23H2Windows 11 version 22H3Windows 11 Version 24H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-27788
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.50%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 13:51
Updated-02 Apr, 2025 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruby JSON Parser has Out-of-bounds Read

JSON is a JSON implementation for Ruby. Starting in version 2.10.0 and prior to version 2.10.2, a specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions prior to 2.10.0 are not vulnerable. Version 2.10.2 fixes the problem. No known workarounds are available.

Action-Not Available
Vendor-Ruby
Product-javascript_object_notationjson
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-46749
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.42%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 18:59
Updated-28 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_2600xathlon_gold_3150geryzen_3600x_firmwareryzen_3800xryzen_1200_\(af\)_firmwareryzen_3300xryzen_5300geryzen_3600ryzen_5995wxryzen_2920x_firmwareryzen_5600ryzen_5955wxryzen_5800x_firmwareryzen_2700eryzen_2600_firmwareryzen_5500_firmwareryzen_5900ryzen_3600xryzen_2920xryzen_pro_2100ge_firmwareryzen_2970wx_firmwareryzen_3800x_firmwareryzen_3600xt_firmwareryzen_5700xryzen_5600xryzen_2300x_firmwareryzen_5300g_firmwareryzen_5700geryzen_2600e_firmwareryzen_2950xryzen_3900xt_firmwareryzen_2600ryzen_3600_firmwareryzen_2500xryzen_5600x_firmwareryzen_3900xtryzen_5945wx_firmwareryzen_2990wx_firmwareathlon_gold_3150g_firmwareryzen_5800_firmwareryzen_2990wxryzen_3100_firmwareryzen_3500_firmwareryzen_2500x_firmwareryzen_5300gryzen_2200geryzen_2200ge_firmwareryzen_3900ryzen_5975wxryzen_2200gryzen_2950x_firmwareryzen_2600eryzen_2700_firmwareryzen_5800ryzen_3800xt_firmwareryzen_5800xryzen_5800x3d_firmwareryzen_3300x_firmwareathlon_silver_3050geryzen_2970wxathlon_silver_3050ge_firmwareryzen_3800xtryzen_5500ryzen_2700x_firmwareryzen_3900xryzen_2600x_firmwareryzen_5955wx_firmwareryzen_3500ryzen_5300ge_firmwareryzen_2400ge_firmwareryzen_3950xryzen_5995wx_firmwareryzen_5950x_firmwareathlon_gold_3150gryzen_1200_\(af\)ryzen_5700g_firmwareryzen_5900_firmwareryzen_3600xtryzen_5600ge_firmwareryzen_5600gryzen_5950xryzen_2400gryzen_pro_2100geryzen_5600_firmwareryzen_2700xryzen_5965wx_firmwareryzen_5600g_firmwareryzen_2400geryzen_5945wxryzen_5965wxryzen_5700gryzen_5600geryzen_3900_firmwareryzen_2700ryzen_2200g_firmwareryzen_5900xryzen_3950x_firmwareryzen_5700ge_firmwareryzen_3100ryzen_1600_\(af\)ryzen_2300xryzen_1600_\(af\)_firmwareryzen_3500xryzen_3500x_firmwareryzen_2400g_firmwareryzen_5900x_firmwareryzen_5700x_firmwareryzen_5975wx_firmwareryzen_5800x3dryzen_3900x_firmwareryzen_2700e_firmwareathlon_gold_3150ge_firmwareRyzen™ 3000 Series Desktop Processors “Matisse” AM4Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”Ryzen™ 2000 Series Desktop Processors “Pinnacle Ridge”Ryzen™ Threadripper™ PRO Processors “Castle Peak” WSRyzen™ 2000 Series Mobile Processors “Raven Ridge” FP5Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULPRyzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” Ryzen™ Threadripper™ PRO Processors “Chagall” WSRyzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDTRyzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-4181
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.38%
||
7 Day CHG~0.00%
Published-30 Dec, 2021 | 00:00
Updated-03 Nov, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Fedora ProjectOracle CorporationDebian GNU/LinuxWireshark Foundation
Product-http_serverdebian_linuxwiresharkfedorazfs_storage_appliance_kitWireshark
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-41040
Matching Score-4
Assigner-Eclipse Foundation
ShareView Details
Matching Score-4
Assigner-Eclipse Foundation
CVSS Score-7.5||HIGH
EPSS-1.19% / 78.56%
||
7 Day CHG~0.00%
Published-01 Feb, 2022 | 11:12
Updated-04 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Eclipse Wakaama, ever since its inception until 2021-01-14, the CoAP parsing code does not properly sanitize network-received data.

Action-Not Available
Vendor-n/aEclipse Foundation AISBL
Product-wakaaman/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-39984
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.79%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-22 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-3839
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.35%
||
7 Day CHG~0.00%
Published-23 Aug, 2022 | 15:52
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability.

Action-Not Available
Vendor-dpdkn/aRed Hat, Inc.Fedora Project
Product-enterprise_linux_fast_datapathfedoradata_plane_development_kitenterprise_linuxdpdk
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-38202
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.45% / 80.56%
||
7 Day CHG~0.00%
Published-08 Aug, 2021 | 19:25
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-linux_kernelhci_storage_nodehci_management_nodehci_bootstrap_oshci_compute_nodeelement_softwaresolidfiren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-38561
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.47%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 00:00
Updated-14 Apr, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.

Action-Not Available
Vendor-n/aGo
Product-textn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-38380
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.77%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 17:16
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack.

Action-Not Available
Vendor-live555n/a
Product-live555n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37015
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.44%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:22
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37570
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 69.28%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:23
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7603emt7622_firmwaremt7628mt7615_firmwaremt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7613_firmwaremt7915_firmwaremt7629mt7622mt7915mt7613n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37564
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 69.28%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:23
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7603emt7622_firmwaremt7628mt7615_firmwaremt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7613_firmwaremt7915_firmwaremt7629mt7622mt7915mt7613n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37565
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 69.28%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:23
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7603emt7622_firmwaremt7628mt7615_firmwaremt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7613_firmwaremt7915_firmwaremt7629mt7622mt7915mt7613n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37567
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 69.28%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:23
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7603emt7622_firmwaremt7628mt7615_firmwaremt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7613_firmwaremt7915_firmwaremt7629mt7622mt7915mt7613n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37562
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 69.28%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:24
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7628mt7622_firmwaremt7603emt7610mt7612mt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7629mt7613mt7612_firmwaremt7915_firmwaremt7610_firmwaremt7620mt7615_firmwaremt7613_firmwaremt7622mt7915mt7620_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37070
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.79%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:03
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37090
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.42%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:06
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37066
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.79%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:03
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37076
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.79%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:04
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-42054
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.18%
||
7 Day CHG~0.00%
Published-07 Oct, 2021 | 05:28
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication.

Action-Not Available
Vendor-accel-pppn/a
Product-accel-pppn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21446
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.27%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214wcn6650sd865_5gipq9574qcn9000_firmwareqcn6102_firmwareqca6595sm8735qcn9022ipq6028_firmwarewcd9370qca8081_firmwareqcn9001qca8072qca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwareipq5028_firmwarewcd9395_firmwaresxr2330p_firmwareqcn6024wcn7881_firmwareqcn9003_firmwarewcn7750ar9380wcn6450qcc710_firmwareqcc2073_firmwareqca6426snapdragon_8\+_gen_1_mobileipq8076wcn6740_firmwarefastconnect_6700ipq6018_firmwaresnapdragon_780g_5g_mobileqca9984_firmwareqcn6023qcn5124_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca9994_firmwareqca6426_firmwarewcd9395ipq9048ipq6000qca6574au_firmwareipq8078asnapdragon_x72_5g_modem-rfipq8078a_firmwareqam8295pqca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hqcn9100_firmwareqca2064_firmwaresm8650q_firmwareqcn5122qcs9100qca6554aqcs5430fastconnect_6800_firmwarewcn7860qcn6024_firmwareqca9886_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000ssg2115pqcc710qcn6132_firmwareqca2062_firmwaresnapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwareqca6777aqqsm8350_firmwareqcn5054fastconnect_6900ipq5332_firmwareqep8111sa7255psm8635qcn5052qca9980wcd9385_firmwareqca6421qfw7114ipq9574_firmwareqam8255p_firmwareipq8064ipq8074a_firmwareipq8076aqcn5164sdx61snapdragon_x65_5g_modem-rfqcs4490qca6787aqwsa8845sa6155pqcn6100_firmwareqca6421_firmwareqca6564au_firmwarecsr8811_firmwarewsa8810qca8075qam8650psa9000pqca8085srv1h_firmwaresnapdragon_888_5g_mobile_firmwareqcn6100qca6595ausnapdragon_888_5g_mobilesxr2250p_firmwaresm7315_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqca6698auqca9986_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750pqcn9012ipq8070a_firmwareqcn9070qcs4490_firmwareqcf8001snapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqca8084sm8635psnapdragon_x62_5g_modem-rf_firmwareqmp1000snapdragon_8_gen_2_mobilewcd9370_firmwareqcc2076sa7255p_firmwareqca6574asm7635p_firmwaresnapdragon_x72_5g_modem-rf_firmwareipq9570snapdragon_8\+_gen_2_mobileqca6174asa8195pwcd9340snapdragon_auto_5g_modem-rf_gen_2qcm6490qcn6122_firmwareqcn5154_firmwareipq9048_firmwaresxr2250psm8550p_firmwareqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574ipq9570_firmwaresxr2230p_firmwarear9380_firmwareqca6777aq_firmwareqca2066_firmwareqca6698au_firmwareqcn9011sa8775p_firmwareqamsrv1hwsa8845hqcn9024_firmwareqca8082sm8650qsa8155p_firmwaresa8155pqca8072_firmwarewsa8830sm8550pqcf8000_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwaresa8255p_firmwareqcn6122sm7675_firmwareqcc2073ipq8174_firmwareipq8072asm7635_firmwarear8035qamsrv1m_firmwarewcn7750_firmwaresa8650p_firmwareimmersive_home_216_firmwarewcn6450_firmwaresm7635pqca2065qca9985immersive_home_316srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareipq8071aqcn6224qcs615qcn6112qca6698aqwcn3950_firmwaresa7775p_firmwaressg2125p_firmwaresm7635sm7325p_firmwarewcd9378sm8635p_firmwaresm6650p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresnapdragon_x75_5g_modem-rf_firmwareqcn9002ipq8078snapdragon_8_gen_3_mobileqcs6490ipq9554_firmwaresnapdragon_778g_5g_mobileqcn9072wsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832sdx61_firmwareqca8082_firmwarewcd9378_firmwareqcc2076_firmwaresrv1limmersive_home_216srv1msxr2130_firmwaresm7675pqca6678aqsnapdragon_x35_5g_modem-rfar8035_firmwareqcn5022_firmwaresnapdragon_778g\+_5g_mobilewcn7860_firmwareqca9992sc8380xpqca4024_firmwareqca0000_firmwaresd888_firmwaresnapdragon_x62_5g_modem-rfipq9008ipq9554qca6564auqca9992_firmwareqca9990sc8280xp-abbbipq9008_firmwareqcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqcn5054_firmwareqca9888ipq5332sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwareqcm4490_firmwarewcn3950sd_8_gen1_5g_firmwareqcn6112_firmwaresnapdragon_870_5g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computeipq5028qca9986qcf8001_firmwareqcn9070_firmwareqca8085_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobileqca9984ipq5010_firmwareqcn9022_firmwareqca9886qcn6132ipq6018qcn6102qca6584ausd888qcn6274_firmwarewcn6755_firmwareqcn9011_firmwarewcn6740wcn6650_firmwaresc8380xp_firmwareipq8065snapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_214_firmwaresnapdragon_865_5g_mobile_firmwareqcn9001_firmwareipq8070asm8635_firmwarefastconnect_6900_firmwarewcd9380qam8255psxr2230pqca9990_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880qcn9003sxr2330pqca8075_firmwarewcn6755qcf8000qcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230pwcn7881qca2065_firmwaresm6650ipq6010video_collaboration_vc3_platformsm6650pqca9980_firmwareqca9985_firmwareqca6688aqqam8295p_firmwareqca6431_firmwaresm7315qca6698aq_firmwarewcd9385qca9994qsm8350snapdragon_888\+_5g_mobilesnapdragon_8_gen_1_mobileqca8084_firmwaresa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqcn5024qep8111_firmwareqcs615_firmwaresg8275psdx55_firmwareipq8071a_firmwaresm8750_firmwaresnapdragon_auto_5g_modem-rfssg2125pqca6554a_firmwaresxr2130ipq6028qcm4490snapdragon_x65_5g_modem-rf_firmwareqcn9100qamsrv1mqca6174a_firmwaresm7325pwcn7861wcn7861_firmwareqam8650p_firmwareqca2062qcs6490_firmwaresm6650_firmwareipq8076_firmwareqam8620pqca6584au_firmwareqcn5152_firmwareqca6436qcn6274qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqca0000qcs8300_firmwareipq8068qca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqcn5124qam8775psnapdragon_ar2_gen_1_firmwareipq8064_firmwareqca6797aqqcn5152ipq8065_firmwaresnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwaresnapdragon_865_5g_mobileipq8074aqca9889qcn5024_firmwarewcd9375_firmwareqcn9002_firmwareqca6787aq_firmwaresnapdragon_ar1_gen_1_firmwareqca8386immersive_home_318ipq5010qcn9274_firmwareqca6391sa7775pqcs5430_firmwaresnapdragon_x32_5g_modem-rfipq8173_firmwareqcn9012_firmwaresa8770p_firmwaresa8295pqcs8550ipq8068_firmwareipq6000_firmwaresm8735_firmwaresa8650pfastconnect_7800qam8775p_firmwaresd865_5g_firmwaresc8280xp-abbb_firmwaresm8750p_firmwarewcd9375snapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwareqca6688aq_firmwareqca9889_firmwaresnapdragon_ar2_gen_1immersive_home_316_firmwareqamsrv1h_firmwaresm7675qcn5154snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwareqca2066ssg2115p_firmwarecsr8811qcn5022sm7675p_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2016-7969
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.00% / 88.21%
||
7 Day CHG~0.00%
Published-03 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."

Action-Not Available
Vendor-libass_projectn/aopenSUSEFedora Project
Product-fedoraleapopensuselibassn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26253
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.46%
||
7 Day CHG~0.00%
Published-21 Feb, 2023 | 00:00
Updated-14 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.

Action-Not Available
Vendor-glustern/a
Product-glusterfsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-13502
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.08% / 24.66%
||
7 Day CHG~0.00%
Published-25 Nov, 2025 | 08:02
Updated-06 Feb, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Webkit: webkitgtk / wpe webkit: out-of-bounds read and integer underflow vulnerability leading to dos

A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server.

Action-Not Available
Vendor-The WebKitGTK TeamRed Hat, Inc.
Product-Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 6webkitgtkRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.4 Extended Update Support
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-54114
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-4.4||MEDIUM
EPSS-0.09% / 26.32%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 12:10
Updated-12 Dec, 2024 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-54109
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 53.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 12:04
Updated-18 Sep, 2025 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-54115
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-4.3||MEDIUM
EPSS-0.16% / 37.14%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 12:11
Updated-12 Dec, 2024 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14468
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.68% / 71.19%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:27
Updated-03 Dec, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().

Action-Not Available
Vendor-n/aApple Inc.openSUSEFedora ProjectRed Hat, Inc.Debian GNU/LinuxF5, Inc.tcpdump & libpcap
Product-big-ip_analyticsbig-ip_application_security_managerleapbig-ip_link_controllertraffix_signaling_delivery_controllerbig-ip_local_traffic_managerbig-ip_domain_name_systembig-ip_access_policy_managermac_os_xtcpdumpdebian_linuxiworkflowbig-ip_policy_enforcement_managerbig-ip_fraud_protection_serviceenterprise_linuxfedoraenterprise_managerbig-ip_global_traffic_managerbig-ip_application_acceleration_managerbig-ip_advanced_firewall_managerbig-ip_webacceleratorbig-iq_centralized_managementbig-ip_edge_gatewayn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14463
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.62% / 69.59%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:12
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.tcpdump & libpcapFedora ProjectRed Hat, Inc.openSUSEF5, Inc.
Product-debian_linuxfedoraenterprise_linuxmac_os_xtraffix_signaling_delivery_controllertcpdumpleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-19204
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.95% / 92.43%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 20:06
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.

Action-Not Available
Vendor-oniguruma_projectn/aDebian GNU/LinuxFedora Project
Product-onigurumadebian_linuxfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33047
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.62%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing no-inherit IES.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwaresd865_5gipq9574qcn9000_firmwareqcn6102_firmwareqca6595qcn9022ipq6028_firmwareimmersive_home_214_platformqca8081_firmwarewcd9370qcn9001qca8072qca6696wcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024qcn9003_firmwareqca6390ar9380qcc2073_firmwareqcc710_firmwareipq8076qca6426wcn6740_firmwareipq6018_firmwareqca9984_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareimmersive_home_216_platformqca8337qca9994_firmwareqca6426_firmwarewcd9395ipq6000qca6574au_firmwareipq8078aipq8078a_firmwarewcn785x-5qam8295pqca6574auwcd9390wsa8810_firmwarewsa8845h_firmwareqcn9100_firmwareqca2064_firmwareqcn5122qca6554aqcn6024_firmwareqca9886_firmwaresm8350qcn9000ssg2115pqcc710qcn6132_firmwareqca2062_firmwareqsm8350_firmwareqcn5054sm8450_firmwareipq5332_firmwareqcn5052qca9980qfw7114wcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemipq9574_firmwareqam8255p_firmwareipq8064ipq8074a_firmwareipq8076aqcn5164snapdragon_ar2_gen_1_platform_firmwareqcs4490immersive_home_3210_platform_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6564au_firmwarecsr8811_firmwarewsa8810qca8075qam8650pqca8085snapdragon_8\+_gen_2_mobile_platformsm8350-acqcn6100qca6595auwsa8840qcs8550_firmwareqca6390_firmwareqca9986_firmwareqfw7124_firmwareqca6436_firmwareqcn9012ipq8070a_firmwareqcn9070qcs4490_firmwaresnapdragon_8_gen_2_mobile_platformqcf8001qca8084sm8250-ac_firmwaresdx65mwcd9370_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqcc2076qca6574aipq9570wcd9340qcm6490immersive_home_316_platform_firmwareqcn6122_firmwareqcn5154_firmwaresm8550p_firmwareimmersive_home_3210_platformqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwareqca6574snapdragon_x75_5g_modem-rf_systemipq9570_firmwaresxr2230p_firmwarear9380_firmwareqca2066_firmwareqcn9024_firmwarewsa8845hqca8082qca8072_firmwarewsa8830sm8550pqcf8000_firmwareqcn9074_firmwareipq8174qcn6122sa8255p_firmwareipq8174_firmwarewcn785x-1_firmwareqcc2073ar8035ipq8072aqca2065qca9985qcn6224ipq8071asc8280xp-absm8475_firmwareqcn6112qca6698aqwcn3950_firmwaressg2125p_firmwarewcn685x-1video_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwareqcn9002ipq8078immersive_home_326_platform_firmwareqcs6490ipq9554_firmwaresc8280xp-bb_firmwareqcn9072wsa8830_firmwareqcn6224_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832qca8082_firmwareqcc2076_firmwaresxr2130_firmwareqca6678aqar8035_firmwareqcn5022_firmwaresm8475qca9992sc8380xpsm8250-ab_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwareipq9008ipq9554qca6564auqca9992_firmwareqca9990ipq9008_firmwareqcn9074immersive_home_214_platform_firmwarewsa8815_firmwaresm8250-abqca8337_firmwareqcn5054_firmwareqca9888ipq5332qcn9013sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwaresm8350-ac_firmwareipq6010_firmwareqcm4490_firmwarewcn785x-5_firmwarewcn3950snapdragon_xr2_5g_platformqcn6112_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresm7350-ab_firmwareipq5028qca9986qcf8001_firmwareqcn9070_firmwareqca8085_firmwaresa8295p_firmwareqca9984ipq5010_firmwareqcn9022_firmwareqca9886qcn6132ipq6018qcn6102qca6584ausd888qcn6274_firmwarewcn685x-5wcn6740sc8380xp_firmwareipq8065qfw7114_firmwareqca4024sc8280xp-ab_firmwareqca6595_firmwaresm8250-acsm8250_firmwareqcn9001_firmwareimmersive_home_216_platform_firmwareipq8070awcd9380qam8255psxr2230pqca9990_firmwaresnapdragon_xr2_5g_platform_firmwareqcn9003qca8075_firmwareqcf8000qcn5052_firmwaresm7350-absnapdragon_auto_5g_modem-rf_firmwareqca2064sm8350_firmwaresxr1230pqca2065_firmwareipq6010sdx65m_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqam8295p_firmwareqca6698aq_firmwarewcd9385qca9994qsm8350sc8280xp-bbqca8084_firmwaresa8255psxr1230p_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwarewcn6750qcn5024sg8275pwcn6750_firmwaresdx55_firmwareipq8071a_firmwaresnapdragon_auto_5g_modem-rfssg2125pqca6554a_firmwaresxr2130ipq6028qcm4490qcn9100immersive_home_326_platformqam8650p_firmwareqcn9013_firmwareqca2062qcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemipq8076_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274qca6436qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqca0000sm8250snapdragon_ar2_gen_1_platformipq8068qca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqcn5124qam8775pipq8064_firmwareqca6797aqqcn5152ipq8065_firmwareqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_318_platformqca9889qcn5024_firmwaresd_8_gen1_5g_firmwareqcn9002_firmwarewcd9375_firmwareqca8386qca6391ipq5010qcn9274_firmwarewcn785x-1ipq8173_firmwareqcn9012_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295pqcs8550ipq8068_firmwareipq6000_firmwareqam8775p_firmwaresd865_5g_firmwarewcd9375ipq8078_firmwarewcn685x-5_firmwareqca9889_firmwareqcn5154immersive_home_316_platformwsa8835_firmwareqca2066ssg2115p_firmwarecsr8811qcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn685x-1_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-27728
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.75%
||
7 Day CHG~0.00%
Published-09 Apr, 2023 | 00:00
Updated-11 Feb, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • ...
  • 9
  • 10
  • 11
  • Next
Details not found