CWE-125— Out-of-bounds Read
7,779 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-125page 47 of 156
- CVE-2020-24348MEDIUMCVSS 5.5EG 5.52020-08-13
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
- CVE-2020-24352MEDIUMCVSS 5.5EG 5.52020-10-16
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through …
- CVE-2020-24372HIGHCVSS 7.5EG 7.52020-08-17
LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in lj_err.c.
- CVE-2020-24383CRITICALCVSS 9.1EG 9.12020-12-11
An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing…
- CVE-2020-24387HIGHCVSS 7.5EG 7.52020-10-19
An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would lead to out-of-bounds read and write op…
- CVE-2020-24409HIGHCVSS 7.8EG 7.82020-10-20
Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary c…
- CVE-2020-24410HIGHCVSS 7.8EG 7.82020-10-20
Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary c…
- CVE-2020-24418HIGHCVSS 7.8EG 7.82020-10-21
Adobe After Effects version 17.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .aepx file, which could result in a read past the end of an allocated memory structure. An attacker could leverage t…
- CVE-2020-24426LOWCVSS 3.3EG 3.32020-11-05
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could…
- CVE-2020-24434LOWCVSS 3.3EG 3.32020-11-05
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could…
- CVE-2020-24506MEDIUMCVSS 4.4EG 4.42021-06-09
Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access.
- CVE-2020-24558HIGHCVSS 7.1EG 7.12020-09-01
A vulnerability in an Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll may allow an attacker to manipulate it to cause an out-of-bounds read that crashes multiple processes in the pr…
- CVE-2020-24564MEDIUMCVSS 5.5EG 5.52020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first…
- CVE-2020-24565MEDIUMCVSS 5.5EG 5.52020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first…
- CVE-2020-24977MEDIUMCVSS 6.5EG 6.52020-09-04
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
- CVE-2020-25021CRITICALCVSS 9.8EG 9.82020-09-04
An issue was discovered in Noise-Java through 2020-08-27. ChaChaPolyCipherState.encryptWithAd() allows out-of-bounds access.
- CVE-2020-25022CRITICALCVSS 9.8EG 9.82020-09-04
An issue was discovered in Noise-Java through 2020-08-27. AESGCMFallbackCipherState.encryptWithAd() allows out-of-bounds access.
- CVE-2020-25023CRITICALCVSS 9.8EG 9.82020-09-04
An issue was discovered in Noise-Java through 2020-08-27. AESGCMOnCtrCipherState.encryptWithAd() allows out-of-bounds access.
- CVE-2020-25054CRITICALCVSS 9.1EG 9.12020-08-31
An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020).
- CVE-2020-25107CRITICALCVSS 9.8EG 9.82020-12-11
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has '\0' termination. This may lead to successful Denial-of-Service, and possibly Remote Code Execution.
- CVE-2020-25109CRITICALCVSS 9.8EG 9.82020-12-11
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The number of DNS queries/responses (set in a DNS header) is not checked against the data present. This may lead to successful Denial-of-Service, and possibly Rem…
- CVE-2020-25110CRITICALCVSS 9.8EG 9.82020-12-11
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a domain name in a DNS query/response is not checked, and is used for internal memory operations. This may lead to successful Denial-of-Service…
- CVE-2020-25181HIGHCVSS 8.8EG 8.82020-12-01
WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution.
- CVE-2020-25188HIGHCVSS 7.8EG 7.82020-10-14
An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the LAquis SCADA (Versions prior to 4.3.1.8…
- CVE-2020-25624MEDIUMCVSS 5.0EG 5.02020-11-30
hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.
- CVE-2020-25665MEDIUMCVSS 5.5EG 5.52020-12-08
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to byt…
- CVE-2020-25667MEDIUMCVSS 5.5EG 5.52020-12-08
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagi…
- CVE-2020-25674MEDIUMCVSS 5.5EG 5.52020-12-08
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 va…
- CVE-2020-25713MEDIUMCVSS 6.5EG 6.52021-05-13
A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common.
- CVE-2020-25767HIGHCVSS 7.5EG 7.52021-08-18
An issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnc_copy_in routine for parsing DNS domain names does not check whether a domain name compression pointer is pointing within the bounds of the packet (e.g., forward compressi…
- CVE-2020-25770MEDIUMCVSS 5.5EG 5.52020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first…
- CVE-2020-25771MEDIUMCVSS 5.5EG 5.52020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first…
- CVE-2020-25772MEDIUMCVSS 5.5EG 5.52020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first…
- CVE-2020-25774MEDIUMCVSS 4.3EG 4.32020-09-29
A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to trigger an out-of-bounds red information disclosure which would disclose sensitive information to an unprivileged account. User interactio…
- CVE-2020-25853HIGHCVSS 7.5EG 7.52021-02-03
The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, _rt_md5_hmac_veneer() or _rt_hmac_sha1_veneer()…
- CVE-2020-25927HIGHCVSS 7.5EG 7.52021-08-18
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Out-of-bounds Read. The impact is: a denial of service (remote). The component is: DNS response processing in function: dns_upcall(). The attack vector is: a specific DN…
- CVE-2020-25928CRITICALCVSS 9.8EG 9.82021-08-18
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: DNS response processing functions: dns_upcall(), getoffset(), dnc_set_answer(). The at…
- CVE-2020-26185HIGHCVSS 7.5EG 7.52022-06-01
Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability.
- CVE-2020-26267MEDIUMCVSS 4.4EG 4.42020-12-10
In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized…
- CVE-2020-26269HIGHCVSS 7.5EG 7.52020-12-10
In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the directories. There are multiple invariants an…
- CVE-2020-26271MEDIUMCVSS 4.4EG 4.42020-12-10
In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src nod…
- CVE-2020-26312HIGHCVSS 8.1EG 8.12024-05-14
Dotmesh is a git-like command-line interface for capturing, organizing and sharing application states. In versions 0.8.1 and prior, the unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to…
- CVE-2020-26421MEDIUMCVSS 4.2EG 5.32020-12-11
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
- CVE-2020-26566HIGHCVSS 7.5EG 7.52020-10-26
A Denial of Service condition in Motion-Project Motion 3.2 through 4.3.1 allows remote unauthenticated users to cause a webu.c segmentation fault and kill the main process via a crafted HTTP request.
- CVE-2020-26996HIGHCVSS 8.8EG 8.82021-01-12
A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of CG4 files. This could result in a …
- CVE-2020-26998MEDIUMCVSS 5.5EG 5.52021-02-09
A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result i…
- CVE-2020-26999HIGHCVSS 7.8EG 7.82021-02-09
A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result i…
- CVE-2020-27002HIGHCVSS 7.1EG 7.12021-02-09
A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result i…
- CVE-2020-27004MEDIUMCVSS 5.5EG 5.52021-02-09
A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of CGM files. This could result i…
- CVE-2020-27007MEDIUMCVSS 5.5EG 5.52021-02-09
A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of HPG files. This could result i…
Map vulnerabilities like CWE-125 to your infrastructure
EchelonGraph correlates every CVE — across CWE-125 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →