CWE-125— Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
8,172 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-125page 56 of 164
- CVE-2021-0522HIGHCVSS 7.5EG 7.52021-06-21
In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not …
- CVE-2021-0541MEDIUMCVSS 4.4EG 4.42021-06-22
In phNxpNciHal_ext_process_nfc_init_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed.…
- CVE-2021-0556MEDIUMCVSS 5.5EG 5.52021-06-22
In getBlockSum of fastcodemb.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for expl…
- CVE-2021-0558MEDIUMCVSS 6.5EG 6.52021-06-22
In fillMainDataBuf of pvmp3_framedecoder.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed…
- CVE-2021-0559MEDIUMCVSS 6.5EG 6.52021-06-22
In Lag_max of p_ol_wgh.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.…
- CVE-2021-0562MEDIUMCVSS 5.5EG 5.52021-06-22
In RasterIntraUpdate of motion_est.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed…
- CVE-2021-0563MEDIUMCVSS 5.5EG 5.52021-06-22
In ih264e_fmt_conv_422i_to_420sp of ih264e_fmt_conv.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction i…
- CVE-2021-0566MEDIUMCVSS 4.4EG 4.42021-06-22
In accessAudioHalPidscpp of TimeCheck.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for ex…
- CVE-2021-0578MEDIUMCVSS 6.5EG 6.52021-08-17
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed fo…
- CVE-2021-0579MEDIUMCVSS 6.5EG 6.52021-08-17
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed fo…
- CVE-2021-0580MEDIUMCVSS 6.5EG 6.52021-08-17
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed fo…
- CVE-2021-0581MEDIUMCVSS 6.5EG 6.52021-08-17
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed fo…
- CVE-2021-0582MEDIUMCVSS 6.5EG 6.52021-08-17
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed fo…
- CVE-2021-0584MEDIUMCVSS 5.5EG 5.52021-08-17
In verifyBufferObject of Parcel.cpp, there is a possible out of bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed…
- CVE-2021-0596HIGHCVSS 7.5EG 7.52021-07-14
In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User intera…
- CVE-2021-0605MEDIUMCVSS 4.4EG 4.42021-06-22
In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for expl…
- CVE-2021-0613MEDIUMCVSS 5.5EG 5.52021-10-25
In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Pat…
- CVE-2021-0614MEDIUMCVSS 5.5EG 5.52021-10-25
In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Pat…
- CVE-2021-0615MEDIUMCVSS 5.5EG 5.52021-10-25
In flv extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID:…
- CVE-2021-0616MEDIUMCVSS 5.5EG 5.52021-10-25
In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch …
- CVE-2021-0617MEDIUMCVSS 5.5EG 5.52021-10-25
In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch …
- CVE-2021-0618MEDIUMCVSS 5.5EG 5.52021-10-25
In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch …
- CVE-2021-0619MEDIUMCVSS 5.5EG 5.52021-11-18
In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch …
- CVE-2021-0620MEDIUMCVSS 5.5EG 5.52021-11-18
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch …
- CVE-2021-0622MEDIUMCVSS 5.5EG 5.52021-11-18
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch …
- CVE-2021-0624MEDIUMCVSS 5.5EG 5.52021-11-18
In flv extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch …
- CVE-2021-0631HIGHCVSS 7.5EG 7.52021-10-25
In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0555…
- CVE-2021-0632MEDIUMCVSS 6.5EG 6.52021-10-25
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. Us…
- CVE-2021-0650MEDIUMCVSS 6.5EG 6.52021-12-15
In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed…
- CVE-2021-0659MEDIUMCVSS 4.4EG 4.42021-11-18
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS056…
- CVE-2021-0660MEDIUMCVSS 4.9EG 4.92021-09-27
In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827145; Iss…
- CVE-2021-0665MEDIUMCVSS 4.4EG 4.42021-11-18
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS056…
- CVE-2021-0666MEDIUMCVSS 4.4EG 4.42021-11-18
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS056…
- CVE-2021-0674MEDIUMCVSS 5.5EG 5.52021-12-17
In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patc…
- CVE-2021-0676MEDIUMCVSS 4.4EG 4.42021-12-17
In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch I…
- CVE-2021-0689MEDIUMCVSS 5.5EG 5.52021-10-06
In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not nee…
- CVE-2021-0900MEDIUMCVSS 4.4EG 4.42021-12-17
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS056…
- CVE-2021-0902MEDIUMCVSS 4.4EG 4.42021-12-17
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS056…
- CVE-2021-0924HIGHCVSS 7.8EG 7.82021-12-15
In xhci_vendor_get_ops of xhci.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exp…
- CVE-2021-0925HIGHCVSS 7.5EG 7.52021-12-15
In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure due to a limited change in behavior based on the out of bounds data with no ad…
- CVE-2021-0939MEDIUMCVSS 4.4EG 4.42021-10-25
In set_default_passthru_cfg of passthru.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for ex…
- CVE-2021-0941MEDIUMCVSS 6.7EG 6.72021-10-25
In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.P…
- CVE-2021-0942CRITICALCVSS 9.8EG 9.82022-09-13
The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:sPA.uiAddr = page_to_phys(psOSPageArrayData->pagearray[ui32PageIndex]);With the c…
- CVE-2021-0976MEDIUMCVSS 6.5EG 6.52021-12-15
In toBARK of floor0.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Produ…
- CVE-2021-0996MEDIUMCVSS 4.5EG 4.52021-12-15
In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over NFC with System execution privileges needed. User interaction is not neede…
- CVE-2021-0998MEDIUMCVSS 5.5EG 5.52021-12-15
In 'ih264e_find_bskip_params()' of ih264e_me.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not n…
- CVE-2021-1001MEDIUMCVSS 5.5EG 5.52021-12-15
In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed f…
- CVE-2021-1002HIGHCVSS 7.5EG 7.52021-12-15
In WT_Interpolate of eas_wtengine.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for …
- CVE-2021-1007MEDIUMCVSS 4.4EG 4.42021-12-15
In btu_hcif_process_event of btu_hcif.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for …
- CVE-2021-1041MEDIUMCVSS 5.5EG 5.52021-12-15
In (TBD) of (TBD), there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: An…
Map vulnerabilities like CWE-125 to your infrastructure
EchelonGraph correlates every CVE — across CWE-125 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →