CWE-125— Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
8,184 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-125page 91 of 164
- CVE-2023-20677MEDIUMCVSS 4.4EG 4.42023-04-06
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413…
- CVE-2023-20679MEDIUMCVSS 4.4EG 4.42023-04-06
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0758841…
- CVE-2023-20688MEDIUMCVSS 4.4EG 4.42023-04-06
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0744182…
- CVE-2023-20697MEDIUMCVSS 4.4EG 4.42023-05-15
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20698MEDIUMCVSS 4.4EG 4.42023-05-15
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20703MEDIUMCVSS 5.5EG 5.52023-05-15
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20706MEDIUMCVSS 5.5EG 5.52023-05-15
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20711MEDIUMCVSS 4.4EG 4.42023-05-15
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20719MEDIUMCVSS 4.4EG 4.42023-05-15
In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0…
- CVE-2023-20723MEDIUMCVSS 6.7EG 6.72023-06-06
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20724MEDIUMCVSS 6.7EG 6.72023-06-06
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20727MEDIUMCVSS 4.4EG 4.42023-06-06
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588531…
- CVE-2023-20728MEDIUMCVSS 4.4EG 4.42023-06-06
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603…
- CVE-2023-20729MEDIUMCVSS 4.4EG 4.42023-06-06
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552…
- CVE-2023-20730MEDIUMCVSS 4.4EG 4.42023-06-06
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552…
- CVE-2023-20731MEDIUMCVSS 4.4EG 4.42023-06-06
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495…
- CVE-2023-20741MEDIUMCVSS 4.4EG 4.42023-06-06
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591;…
- CVE-2023-20742MEDIUMCVSS 4.4EG 4.42023-06-06
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591;…
- CVE-2023-20748MEDIUMCVSS 4.4EG 4.42023-07-04
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07536…
- CVE-2023-20774MEDIUMCVSS 6.7EG 6.72023-07-04
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0729…
- CVE-2023-20798MEDIUMCVSS 4.4EG 4.42023-08-07
In pda, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch …
- CVE-2023-20813MEDIUMCVSS 4.4EG 4.42023-08-07
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: A…
- CVE-2023-20818MEDIUMCVSS 4.4EG 4.42023-08-07
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: A…
- CVE-2023-20823MEDIUMCVSS 4.4EG 4.42023-09-04
In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; …
- CVE-2023-20836MEDIUMCVSS 4.4EG 4.42023-09-04
In camsys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS075056…
- CVE-2023-20838MEDIUMCVSS 4.0EG 4.02023-09-04
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue …
- CVE-2023-20839MEDIUMCVSS 4.2EG 4.22023-09-04
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20840MEDIUMCVSS 6.5EG 6.52023-09-04
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch…
- CVE-2023-20843MEDIUMCVSS 4.2EG 4.22023-09-04
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: A…
- CVE-2023-20844MEDIUMCVSS 4.2EG 4.22023-09-04
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: A…
- CVE-2023-20845MEDIUMCVSS 4.2EG 4.22023-09-04
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20846MEDIUMCVSS 4.2EG 4.22023-09-04
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: A…
- CVE-2023-20847MEDIUMCVSS 4.2EG 4.22023-09-04
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07…
- CVE-2023-20848MEDIUMCVSS 6.5EG 6.52023-09-04
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: …
- CVE-2023-20851MEDIUMCVSS 6.3EG 6.32023-09-04
In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08048635; Issue ID…
- CVE-2023-20870MEDIUMCVSS 6.0EG 6.02023-04-25
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
- CVE-2023-20896MEDIUMCVSS 5.9EG 5.92023-06-22
The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted …
- CVE-2023-20935MEDIUMCVSS 5.5EG 5.52023-04-19
In deserialize of multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for expl…
- CVE-2023-20948HIGHCVSS 7.5EG 7.52023-02-28
In dropFramesUntilIframe of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not n…
- CVE-2023-20958HIGHCVSS 7.1EG 7.12023-03-24
In read_paint of ttcolr.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio…
- CVE-2023-20968MEDIUMCVSS 4.4EG 4.42023-03-24
In multiple functions of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for explo…
- CVE-2023-20969MEDIUMCVSS 4.4EG 4.42023-03-24
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for explo…
- CVE-2023-20970MEDIUMCVSS 4.4EG 4.42023-03-24
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for explo…
- CVE-2023-20973MEDIUMCVSS 5.5EG 5.52023-03-24
In btm_create_conn_cancel_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed…
- CVE-2023-20974MEDIUMCVSS 5.5EG 5.52023-03-24
In btm_ble_add_resolving_list_entry_complete of btm_ble_privacy.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interac…
- CVE-2023-20977MEDIUMCVSS 4.4EG 4.42023-03-24
In btm_ble_read_remote_features_complete of btm_ble_gap.cc, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if the firmware were compromised with System execution pri…
- CVE-2023-20979MEDIUMCVSS 5.5EG 5.52023-03-24
In GetNextSourceDataPacket of bta_av_co.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not neede…
- CVE-2023-20980MEDIUMCVSS 5.5EG 5.52023-03-24
In btu_ble_ll_conn_param_upd_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User in…
- CVE-2023-20981MEDIUMCVSS 4.4EG 4.42023-03-24
In btu_ble_rc_param_req_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for e…
- CVE-2023-20982MEDIUMCVSS 4.4EG 4.42023-03-24
In btm_read_tx_power_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User intera…
Map vulnerabilities like CWE-125 to your infrastructure
EchelonGraph correlates every CVE — across CWE-125 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →