Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-125 (跨界内存读) — Vulnerability Class 2871

2871 vulnerabilities classified as CWE-125 (跨界内存读). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-26153 Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2026-04-14
CVE-2026-33822 Microsoft Word Information Disclosure Vulnerability — Microsoft 365 Apps for Enterprise 6.1 Medium2026-04-14
CVE-2026-33096 HTTP.sys Denial of Service Vulnerability — Windows 11 version 22H3 7.5 High2026-04-14
CVE-2026-32188 Microsoft Excel Information Disclosure Vulnerability — Microsoft 365 Apps for Enterprise 7.1 High2026-04-14
CVE-2026-27931 Windows GDI Information Disclosure Vulnerability — Windows 10 Version 21H2 5.5 Medium2026-04-14
CVE-2026-27284 InDesign Desktop | Out-of-bounds Read (CWE-125) — InDesign Desktop 7.8 High2026-04-14
CVE-2026-39979 jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted Buffers — jq 9.8 -2026-04-13
CVE-2026-39956 jq: Missing runtime type checks for _strindices lead to crash and limited memory disclosure — jq 6.1 Medium2026-04-13
CVE-2026-33905 ImageMagick has an Out-of-Bounds read via -sample operation — ImageMagick 5.5 Medium2026-04-13
CVE-2026-32605 Nimiq: Remote crash via off-by-one signer bounds check in proposal buffer — core-rs-albatross 7.5 High2026-04-13
CVE-2026-25209 SAMSUNG Escargot 安全漏洞 — Escargot 6.5 Medium2026-04-13
CVE-2026-25206 SAMSUNG Escargot 安全漏洞 — Escargot 6.7 Medium2026-04-13
CVE-2026-5392 wolfSSL heap OOB read in PKCS7 SignedData streaming — wolfSSL 9.1 -2026-04-09
CVE-2026-5393 OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS — wolfSSL 9.1 -2026-04-09
CVE-2026-34987 Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access — wasmtime 6.3AIMediumAI2026-04-09
CVE-2026-34971 Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift — wasmtime 9.1AICriticalAI2026-04-09
CVE-2026-34941 Wasmtime has a Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding — wasmtime 6.5AIMediumAI2026-04-09
CVE-2026-39856 osslsigncode has an Out-of-Bounds Read via Unvalidated Section Bounds in PE Page Hash Calculation — osslsigncode 5.5 Medium2026-04-09
CVE-2026-39855 osslsigncode has an Integer Underflow in PE Page Hash Calculation Can Cause Out-of-Bounds Read — osslsigncode 5.5 Medium2026-04-09
CVE-2026-40026 Sleuth Kit ISO9660 SUSP Extension Reference Out-of-Bounds Read — sleuthkit 4.4 Medium2026-04-08
CVE-2026-40025 Sleuth Kit APFS Keybag Parser Out-of-Bounds Read — sleuthkit 4.4 Medium2026-04-08
CVE-2026-5913 Google Chrome 缓冲区错误漏洞 — Chrome 6.5AIMediumAI2026-04-08
CVE-2026-5886 Google Chrome 缓冲区错误漏洞 — Chrome 6.5AIMediumAI2026-04-08
CVE-2026-39864 Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks — kamailio 4.4 Medium2026-04-08
CVE-2026-28386 Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-512 Support — OpenSSL 7.5AIHighAI2026-04-07
CVE-2026-32864 Out-of-Bounds Read in mgcore_SH_25_3!aligned_free() — LabVIEW 7.8 High2026-04-07
CVE-2026-32863 Out-of-Bounds Read in sentry_transaction_context_set_operation() — LabVIEW 7.8 High2026-04-07
CVE-2026-35444 SDL_image has a heap buffer overflow READ via unchecked colormap index in XCF loader — SDL_image 7.1 High2026-04-06
CVE-2026-35203 ZLMediaKit VP9 RTP Parser Out-of-Bounds Read — ZLMediaKit 7.5 High2026-04-06
CVE-2026-35201 Discount has an Out-of-bounds Read in rdiscount — rdiscount 5.9 Medium2026-04-06

Vulnerabilities classified as CWE-125 (跨界内存读) represent 2871 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.