Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-125 (跨界内存读) — Vulnerability Class 2871

2871 vulnerabilities classified as CWE-125 (跨界内存读). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-23716 Siemens Simcenter Femap和Siemens Simcenter Nastran 缓冲区错误漏洞 — Simcenter Femap 7.8 High2026-02-10
CVE-2026-25920 SumatraPDF has a heap out-of-bounds read in MOBI HuffDic decompressor — sumatrapdf 5.5 Medium2026-02-09
CVE-2026-2245 CCExtractor MPEG-TS File ts_tables.c parse_PMT out-of-bounds — CCExtractor 3.3 Low2026-02-09
CVE-2026-2242 janet-lang janet specials.c janetc_if out-of-bounds — janet 3.3 Low2026-02-09
CVE-2026-2241 janet-lang janet os.c os_strftime out-of-bounds — janet 3.3 Low2026-02-09
CVE-2026-2240 janet-lang janet compile.c janetc_pop_funcdef out-of-bounds — janet 3.3 Low2026-02-09
CVE-2026-24921 Huawei HarmonyOS 安全漏洞 — HarmonyOS 4.8 Medium2026-02-06
CVE-2026-24915 Huawei HarmonyOS 安全漏洞 — HarmonyOS 6.2 Medium2026-02-06
CVE-2026-25508 ESF-IDF Has Memory Safety Vulnerabilities in BLE Provisioning — esp-idf 6.3 Medium2026-02-04
CVE-2026-25139 RIOT Vulnerable to Multiple Out-of-Bounds Read When Processing Received 6LoWPAN SFR Fragments — RIOT 9.1AICriticalAI2026-02-04
CVE-2025-65081 Out-of-bounds read vulnerability in Postscript interpreter — MXTCT, MSNGM, MSTGM, MXNGM, MXTGM, CSNGV, CSTGV, CXTGV, MSNGW, MSTGW, MXTGW, CSTLS, CXTLS, MXTLS, CSTMM, CXTMM, CSTPC, CXTPC, MXTPM, MSNSN, MSTSN, MXTSN, CSNZJ, CSTZJ, CXNZJ, CXTZJ 9.8AICriticalAI2026-02-03
CVE-2025-64098 FastDDS has Out-of-memory in readOctetVector via Manipulated DATA Submessage when DDS Security is enabled — Fast-DDS 7.5AIHighAI2026-02-03
CVE-2025-62603 FastDDS has Out-of-memory while parsing GenericMessage when DDS Security is enabled — Fast-DDS 9.8AICriticalAI2026-02-03
CVE-2026-20421 MediaTek Chipsets 安全漏洞 — MediaTek chipset 7.5AIHighAI2026-02-02
CVE-2026-20420 MediaTek Chipsets 安全漏洞 — MediaTek chipset 7.5AIHighAI2026-02-02
CVE-2026-23569 Out-of-bounds read vulnerability in Content Distribution Service — DEX 6.5 Medium2026-01-29
CVE-2026-23568 Out-of-bounds read vulnerability in Content Distribution Service — DEX 5.4 Medium2026-01-29
CVE-2026-24116 Wasmtime segfault or unused out-of-sandbox load with f64.copysign operator on x86-64 — wasmtime 7.5AIHighAI2026-01-27
CVE-2026-24873 Out-of-bounds read in lpp-vita — lpp-vita 7.8 High2026-01-27
CVE-2025-41728 Beckhoff: Information leak via Beckhoff Device Manager — Beckhoff.Device.Manager.XAR 5.3 Medium2026-01-27
CVE-2026-24821 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in turanszkij/WickedEngine. — WickedEngine 7.1AIHighAI2026-01-27
CVE-2026-24820 A stack overflow vulnerability in turanszkij/WickedEngine — WickedEngine 7.1AIHighAI2026-01-27
CVE-2026-24818 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in praydog/UEVR — UEVR 6.2AIMediumAI2026-01-27
CVE-2026-24796 A Out-of-bounds Read vulnerability in CloverHackyColor/CloverBootloader — CloverBootloader 5.5AIMediumAI2026-01-27
CVE-2026-23951 SumatraPDF's Integer Underflow in PalmDbReader Leads to Crash — sumatrapdf 5.5 Medium2026-01-22
CVE-2025-68132 EVerest has out-of-bounds read in DZG_GSH01 SLIP CRC parser that can crash powermeter driver — everest-core 9.1AICriticalAI2026-01-21
CVE-2025-51602 VideoLAN VLC media player 缓冲区错误漏洞 — VLC media player 4.8 Medium2026-01-16
CVE-2026-22859 FreeRDP has a heap-buffer-overflow in urb_select_configuration — FreeRDP 9.1 -2026-01-14
CVE-2026-22858 FreeRDP has a global-buffer-overflow in crypto_base64_decode — FreeRDP 9.1 -2026-01-14
CVE-2026-22855 FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call — FreeRDP 9.1 -2026-01-14

Vulnerabilities classified as CWE-125 (跨界内存读) represent 2871 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.