Total
380 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-32052 | 2026-04-22 | N/A | 6.5 MEDIUM | ||
| A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read. | |||||
| CVE-2026-0930 | 2026-04-21 | N/A | N/A | ||
| Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output. | |||||
| CVE-2026-40341 | 2026-04-20 | N/A | 3.5 LOW | ||
| libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptp_unpack_EOS_FocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known workarounds are available. | |||||
| CVE-2026-26155 | 2026-04-17 | N/A | 6.5 MEDIUM | ||
| Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | |||||
| CVE-2026-26169 | 2026-04-17 | N/A | 6.1 MEDIUM | ||
| Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally. | |||||
| CVE-2026-26184 | 2026-04-17 | N/A | 7.8 HIGH | ||
| Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-32053 | 2026-04-15 | N/A | 6.5 MEDIUM | ||
| A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read. | |||||
| CVE-2025-36855 | 2026-04-15 | N/A | 8.8 HIGH | ||
| A vulnerability ( CVE-2025-21176 https://www.cve.org/CVERecord ) exists in DiaSymReader.dll due to buffer over-read. Per CWE-126: Buffer Over-read https://cwe.mitre.org/data/definitions/126.html , Buffer Over-read is when a product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. This issue affects EOL ASP.NET 6.0.0 <= 6.0.36 as represented in this CVE, as well as 8.0.0 <= 8.0.11 & <= 9.0.0 as represented in CVE-2025-21176. Additionally, if you've deployed self-contained applications https://docs.microsoft.com/dotnet/core/deploying/#self-contained-deployments-scd targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry. | |||||
| CVE-2024-31080 | 2026-04-15 | N/A | 7.3 HIGH | ||
| A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | |||||
| CVE-2025-11961 | 2026-04-15 | N/A | 1.9 LOW | ||
| pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer. | |||||
| CVE-2024-31081 | 2026-04-15 | N/A | 7.3 HIGH | ||
| A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | |||||
| CVE-2024-31082 | 2026-04-15 | N/A | 7.3 HIGH | ||
| A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | |||||
| CVE-2024-57970 | 2026-04-15 | N/A | 4.0 MEDIUM | ||
| libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname. | |||||
| CVE-2024-12975 | 2026-04-15 | N/A | N/A | ||
| A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface. | |||||
| CVE-2025-4207 | 2026-04-15 | N/A | 5.9 MEDIUM | ||
| Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected. | |||||
| CVE-2024-12011 | 2026-04-15 | N/A | 7.6 HIGH | ||
| A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote unauthenticated attacker can exploit this vulnerability in order to leak valid authentication tokens from the process memory associated to users currently logged to the system and bypass the authentication mechanism. | |||||
| CVE-2025-7745 | 2026-04-15 | N/A | 5.8 MEDIUM | ||
| Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2. | |||||
| CVE-2026-2394 | 1 Rti | 1 Connext Professional | 2026-04-14 | N/A | 6.5 MEDIUM |
| Buffer Over-read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from 4.3x before 5.2.*. | |||||
| CVE-2026-24028 | 1 Powerdns | 1 Dnsdist | 2026-04-14 | N/A | 5.3 MEDIUM |
| An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential information disclosure. | |||||
| CVE-2026-4371 | 1 Mozilla | 1 Thunderbird | 2026-04-13 | N/A | 7.4 HIGH |
| A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9. | |||||