Vulnerabilities > Buffer Over-read

DATE CVE VULNERABILITY TITLE RISK
2025-05-13 CVE-2025-32704 Buffer Over-read vulnerability in Microsoft products
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
local
low complexity
microsoft CWE-126
7.8
2025-05-13 CVE-2025-29956 Buffer Over-read vulnerability in Microsoft products
Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.
network
high complexity
microsoft CWE-126
5.4
2025-05-06 CVE-2024-45568 Buffer Over-read vulnerability in Qualcomm products
Memory corruption due to improper bounds check while command handling in camera-kernel driver.
local
low complexity
qualcomm CWE-126
7.8
2025-05-06 CVE-2024-49846 Buffer Over-read vulnerability in Qualcomm products
Memory corruption while decoding of OTA messages from T3448 IE.
network
low complexity
qualcomm CWE-126
critical
9.1
2025-05-06 CVE-2024-49847 Buffer Over-read vulnerability in Qualcomm products
Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.
network
low complexity
qualcomm CWE-126
7.5
2025-05-06 CVE-2025-21459 Buffer Over-read vulnerability in Qualcomm products
Transient DOS while parsing per STA profile in ML IE.
network
low complexity
qualcomm CWE-126
7.5
2025-05-06 CVE-2025-21475 Buffer Over-read vulnerability in Qualcomm products
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
local
low complexity
qualcomm CWE-126
7.8
2025-04-08 CVE-2025-21203 Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
network
low complexity
CWE-126
6.5
2025-04-08 CVE-2025-26664 Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
network
low complexity
CWE-126
6.5
2025-04-08 CVE-2025-26676 Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
network
low complexity
CWE-126
6.5