CWE-125 - Out-of-bounds read

Description

The software reads data past the end, or before the beginning, of the intended buffer. This typically occurs when a pointer or index is incremented or decremented to a position beyond the bounds of the buffer, or when pointer arithmetic yields a position outside the valid memory location, among other causes. This may result in corruption of sensitive information, a crash, or code execution, among other things. The weakness is introduced during the Implementation stage.
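The following is an added example, not code from this page or from any product listed on it. It shows a length-prefixed record parser that trusts a declared length (the weak form) beside a version that checks every length before reading. The record layout, function names and sample records are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Record layout (constructed for this example): one byte holding the
 * declared payload length, followed by the payload bytes. */

/* Weak form: trusts the declared length. If msg[0] is larger than the
 * number of bytes actually received, memcpy reads past the end of msg. */
size_t read_payload_unchecked(const uint8_t *msg, uint8_t *out)
{
    size_t declared = msg[0];
    memcpy(out, msg + 1, declared);
    return declared;
}

/* Hardened form: lengths are validated against the real buffer sizes
 * before any payload byte is read. Returns the payload length, or -1. */
long read_payload_checked(const uint8_t *msg, size_t msg_len,
                          uint8_t *out, size_t out_cap)
{
    if (msg == NULL || out == NULL || msg_len < 1)
        return -1;                 /* no room for the length byte */
    size_t declared = msg[0];
    if (declared > msg_len - 1)
        return -1;                 /* declared length exceeds received data */
    if (declared > out_cap)
        return -1;                 /* payload would not fit the destination */
    memcpy(out, msg + 1, declared);
    return (long)declared;
}

/* Constructed sample records. */
static const uint8_t GOOD_RECORD[]  = { 3, 'a', 'b', 'c' };
static const uint8_t LYING_RECORD[] = { 200, 'a', 'b', 'c' }; /* claims 200, holds 3 */

int main(void)
{
    uint8_t out[16];
    long ok  = read_payload_checked(GOOD_RECORD, sizeof GOOD_RECORD, out, sizeof out);
    long bad = read_payload_checked(LYING_RECORD, sizeof LYING_RECORD, out, sizeof out);
    return (ok == 3 && bad == -1) ? 0 : 1;
}
```

Building with AddressSanitizer (`-fsanitize=address`) during testing reports reads like the one in the unchecked function at the point they occur.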

Latest vulnerabilities for CWE-125

Out-of-bounds read in libpng | 2025-12-03 | Medium | Yes
Denial of service in ESP-IDF | 2025-12-02 | Low | No
Information disclosure in EDK2 | 2025-11-27 | Medium | Yes
Multiple vulnerabilities in libpng | 2025-11-26 | Critical | Yes | Public exploit
Multiple vulnerabilities in IBM QRadar SIEM | 2025-11-25 | High | Yes | Public exploit
Multiple vulnerabilities in IBM API Connect | 2025-11-25 | High | Yes | Public exploit

References

Description of CWE-125 on Mitre website