Total
2683 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24985 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 7.8 High |
| Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24067 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-12-17 | 7.8 High |
| Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24066 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-12-17 | 7.8 High |
| Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24056 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 8.8 High |
| Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-24051 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-24050 | 1 Microsoft | 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more | 2025-12-17 | 7.8 High |
| Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24048 | 1 Microsoft | 17 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 14 more | 2025-12-17 | 7.8 High |
| Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24995 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-12-17 | 7.8 High |
| Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21180 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 7.8 High |
| Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24057 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2025-12-17 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2018-1123 | 3 Canonical, Debian, Procps-ng Project | 3 Ubuntu Linux, Debian Linux, Procps-ng | 2025-12-17 | N/A |
| procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service). | ||||
| CVE-2025-48592 | 1 Google | 1 Android | 2025-12-17 | 6.5 Medium |
| In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-10881 | 1 Autodesk | 1 Shared Components | 2025-12-17 | 7.8 High |
| A maliciously crafted CATPRODUCT file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-50360 | 2 Dannyvankooten, Pepper-lang | 2 Pepper, Compiler | 2025-12-16 | 8.4 High |
| A heap buffer overflow in compiler.c and compiler.h in Pepper language 0.1.1commit 961a5d9988c5986d563310275adad3fd181b2bb7. Malicious execution of a pepper source file(.pr) could lead to arbitrary code execution or Denial of Service. | ||||
| CVE-2024-29204 | 1 Ivanti | 1 Avalanche | 2025-12-16 | 9.8 Critical |
| A Heap Overflow vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands | ||||
| CVE-2025-1252 | 1 Rti | 1 Connext Professional | 2025-12-16 | 7.1 High |
| Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42, from 5.3.0 before 5.3.*, from 4.4d before 5.2.*. | ||||
| CVE-2025-46373 | 1 Fortinet | 2 Forticlient, Forticlientwindows | 2025-12-16 | 7.1 High |
| A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec user to execute arbitrary code or commands via "fortips_74.sys". The attacker would need to bypass the Windows heap integrity protections | ||||
| CVE-2025-66587 | 1 Azeotech | 1 Daqfactory | 2025-12-15 | N/A |
| In AzeoTech DAQFactory release 20.7 (Build 2555), the affected application is vulnerable to memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2025-14673 | 1 Gmg137 | 1 Snap7-rs | 2025-12-15 | 7.3 High |
| A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-64524 | 1 Openprinting | 2 Cups-filters, Libcupsfilters | 2025-12-15 | 3.3 Low |
| cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault when processing maliciously crafted input data. This issue can be exploited to trigger memory corruption, potentially leading to arbitrary code execution. This issue has been patched via commit 956283c. | ||||