Weaknesses of type CWE-125
4,264 results

CVE-2021-3517 | HIGH | There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted f | EPSS 8.3%
CVE-2020-8879 | LOW | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.916. User | EPSS 8.2%
CVE-2020-8877 | LOW | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.916. User | EPSS 8.2%
CVE-2019-17138 | LOW | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.909. User | EPSS 8.2%
CVE-2024-10387 | HIGH | Rockwell Automation FactoryTalk ThinManager Denial-of-Service Vulnerability | EPSS 8.0%
CVE-2018-20679 | HIGH | An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) | EPSS 7.9%
CVE-2024-40777 | LOW | An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14. | EPSS 7.8%
CVE-2019-11050 | MEDIUM | Use-after-free in exif parsing under memory sanitizer | EPSS 7.4%
CVE-2020-7059 | MEDIUM | OOB read in php_strip_tags_ex | EPSS 7.4%
CVE-2019-11047 | MEDIUM | Heap-buffer-overflow READ in exif | EPSS 7.3%
CVE-2022-20472 | CRITICAL | In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote | EPSS 6.6%
CVE-2024-30280 | HIGH | ZDI-CAN-22867: Adobe Acrobat Pro DC AcroForm Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability | EPSS 6.6%
CVE-2019-15903 | MEDIUM | In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutiv | EPSS 6.6%
CVE-2025-5419 | HIGH | Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption | EPSS 6.5% | KEV
CVE-2019-3858 | MEDIUM | An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote | EPSS 6.4%
CVE-2021-27247 | MEDIUM | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat 2.9.5 desktop versi | EPSS 6.4%
CVE-2019-3859 | CRITICAL | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A r | EPSS 6.3%
CVE-2025-4919 | HIGH | Out-of-bounds access when optimizing linear sums | EPSS 6.0%
CVE-2018-1000301 | CRITICAL | curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can resul | EPSS 6.0%
CVE-2023-35386 | HIGH | Windows Kernel Elevation of Privilege Vulnerability | EPSS 6.0%