CWE-125 (Out-of-bounds Read) — Vulnerability Class 2871

2871 vulnerabilities classified as CWE-125 (Out-of-bounds Read). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-35176 | openFPGALoader has a heap buffer overflow in POFParser::parseSection() via crafted .pof file — openFPGALoader | 7.1 | High | 2026-04-06 |
| CVE-2026-35170 | openFPGALoader has a heap buffer overflow in BitParser::parseHeader() via crafted .bit file — openFPGALoader | 7.1 | High | 2026-04-06 |
| CVE-2026-34588 | OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write — openexr | 6.8 | - | 2026-04-06 |
| CVE-2026-5673 | Libtheora: libtheora: denial of service or information disclosure via malformed avi file processing — Red Hat Enterprise Linux 10 | 5.6 | Medium | 2026-04-06 |
| CVE-2026-34776 | Electron: Out-of-bounds read in second-instance IPC on macOS and Linux — electron | 5.3 | Medium | 2026-04-03 |
| CVE-2026-34824 | Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service — mesop | 7.5 | High | 2026-04-03 |
| CVE-2026-34608 | nanomq: Heap-Buffer-Overflow in webhook_inproc.c via cJSON_Parse OOB Read — nanomq | 4.9 | Medium | 2026-04-02 |
| CVE-2026-5342 | LibRaw TIFF/NEF decoders_libraw.cpp nikon_load_padded_packed_raw out-of-bounds — LibRaw | 5.3 | Medium | 2026-04-02 |
| CVE-2026-5315 | Nothings stb TTF File stb_truetype.h stbtt__buf_get8 out-of-bounds — stb | 4.3 | Medium | 2026-04-01 |
| CVE-2026-32929 | Fuji Electric V-SFT buffer error vulnerability — V-SFT | 7.8 | High | 2026-04-01 |
| CVE-2026-32927 | Fuji Electric V-SFT buffer error vulnerability — V-SFT | 7.8 | High | 2026-04-01 |
| CVE-2026-32926 | Fuji Electric V-SFT buffer error vulnerability — V-SFT | 7.8 | High | 2026-04-01 |
| CVE-2026-5314 | Nothings stb TTF File stb_truetype.h stbtt_InitFont_internal out-of-bounds — stb | 4.3 | Medium | 2026-04-01 |
| CVE-2026-5292 | Google Chrome security vulnerability — Chrome | 8.1 | - | 2026-04-01 |
| CVE-2026-5282 | Google Chrome security vulnerability — Chrome | 8.1 | - | 2026-04-01 |
| CVE-2026-34556 | iccDEV: HBO in icAnsiToUtf8() — iccDEV | 6.2 | Medium | 2026-03-31 |
| CVE-2026-34554 | iccDEV: HBO in CIccApplyCmmSearch::costFunc() — iccDEV | 6.2 | Medium | 2026-03-31 |
| CVE-2026-34235 | PJSIP: Heap OOB read in VPX unpacketizer — pjproject | 9.1 (AI) | Critical (AI) | 2026-03-31 |
| CVE-2026-33985 | FreeRDP: ClearCodec Glyph Cache Count Desync - Heap OOB Read — FreeRDP | 5.9 | Medium | 2026-03-30 |
| CVE-2026-33982 | FreeRDP: Persistent Cache Allocator Mismatch - Heap OOB Read — FreeRDP | 7.1 | High | 2026-03-30 |
| CVE-2026-32877 | Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field — botan | 8.2 | High | 2026-03-30 |
| CVE-2026-25627 | nanomq: OOB Read / Crash (DoS) via Malformed MQTT Remaining Length over WebSocket — nanomq | 6.5 | Medium | 2026-03-30 |
| CVE-2025-66037 | OpenSC: Out of Bounds vulnerability — OpenSC | 3.9 | Low | 2026-03-30 |
| CVE-2026-28528 | BlueKitchen BTstack < 1.8.1 AVRCP Browsing Target GET_FOLDER_ITEMS Handler OOB Read / Undefined Behavior — BTstack | 4.6 | Medium | 2026-03-30 |
| CVE-2026-28527 | BlueKitchen BTstack < 1.8.1 AVRCP Controller GET_PLAYER_APPLICATION_SETTING_*_TEXT Handlers OOB Read — BTstack | 3.5 | Low | 2026-03-30 |
| CVE-2026-28526 | BlueKitchen BTstack < 1.8.1 AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_* Handlers OOB Read — BTstack | 3.5 | Low | 2026-03-30 |
| CVE-2023-7340 | Wazuh authd service (os_auth) Heap-based Buffer Overflow — Wazuh | 3.1 | Low | 2026-03-27 |
| CVE-2026-32984 | Heap buffer overflow in wazuh-authd — Wazuh | 3.5 | Low | 2026-03-27 |
| CVE-2026-33669 | SiYuan has Arbitrary Document Reading within the Publishing Service — siyuan | 9.8 | Critical | 2026-03-26 |
| CVE-2026-3622 | Denial-of-Service Vulnerability in UPnP Component of TP Link's TL-WR841N — TL-WR841N v14 | 7.5 (AI) | High (AI) | 2026-03-26 |

Vulnerabilities classified as CWE-125 (Out-of-bounds Read) represent 2871 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.