Total
2613 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31164 | 1 Fig2dev Project | 1 Fig2dev | 2025-10-21 | 6.6 Medium |
| heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline. | ||||
| CVE-2025-20712 | 2 Mediatek, Openwrt | 12 Mt6799, Mt6990, Mt6990 Firmware and 9 more | 2025-10-21 | 8.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00422323; Issue ID: MSV-3810. | ||||
| CVE-2025-20720 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7603, Mt7615 and 7 more | 2025-10-20 | 8.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418954; Issue ID: MSV-3569. | ||||
| CVE-2025-54282 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-10-20 | 7.8 High |
| Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-54278 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2025-10-20 | 5.5 Medium |
| Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-54268 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2025-10-20 | 7.8 High |
| Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-61804 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-10-20 | 7.8 High |
| Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-4692 | 2 Gnu, Redhat | 2 Grub2, Enterprise Linux | 2025-10-17 | 7.5 High |
| An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved. | ||||
| CVE-2024-50571 | 1 Fortinet | 6 Fortianalyzer, Fortianalyzer Cloud, Fortimanager and 3 more | 2025-10-17 | 6.5 Medium |
| A heap-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15, 6.2.0 through 6.2.17, FortiManager Cloud 7.6.2, 7.4.1 through 7.4.5, 7.2.1 through 7.2.8, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7, FortiAnalyzer Cloud 7.4.1 through 7.4.5, 7.2.1 through 7.2.8, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7, FortiProxy 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.12, 7.0.0 through 7.0.19, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiAnalyzer 7.6.0 through 7.6.2, 7.4.0 through 7.4.5, 7.2.0 through 7.2.8, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, 6.2.0 through 6.2.13, 6.0.0 through 6.0.12, FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, 6.2.0 through 6.2.13, 6.0.0 through 6.0.12 allows attacker to execute unauthorized code or commands via specifically crafted requests. | ||||
| CVE-2025-22258 | 1 Fortinet | 5 Fortios, Fortipam, Fortiproxy and 2 more | 2025-10-17 | 5.7 Medium |
| A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.2 through 7.0.16, FortiSwitchManager 7.2.1 through 7.2.5 allows attackers to escalate their privilege via specially crafted http requests. | ||||
| CVE-2025-59938 | 2 Microsoft, Wazuh | 2 Windows, Wazuh | 2025-10-16 | 6.5 Medium |
| Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions starting from 3.8.0 to before 4.11.0, wazuh-analysisd is vulnerable to a heap buffer overflow when parsing XML elements from Windows EventChannel messages. This issue has been patched in version 4.11.0. | ||||
| CVE-2025-11014 | 2 Ogre3d, Ogrecave | 2 Ogre, Ogre | 2025-10-16 | 5.3 Medium |
| A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been released to the public and may be exploited. | ||||
| CVE-2024-56406 | 2 Perl, Redhat | 2 Perl, Enterprise Linux | 2025-10-16 | 8.4 High |
| A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses. | ||||
| CVE-2025-10504 | 1 Abb | 1 Terra Ac Wallbox Jp | 2025-10-16 | 6.1 Medium |
| Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33. | ||||
| CVE-2025-57740 | 1 Fortinet | 3 Fortios, Fortipam, Fortiproxy | 2025-10-16 | 6.7 Medium |
| An Heap-based Buffer Overflow vulnerability [CWE-122] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions; FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions and FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions RDP bookmark connection may allow an authenticated user to execute unauthorized code via crafted requests. | ||||
| CVE-2025-48379 | 1 Python | 1 Pillow | 2025-10-15 | 7.1 High |
| Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0. | ||||
| CVE-2024-53681 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-10-15 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmet_root_discovery_nqn_store treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of using the old buffer. | ||||
| CVE-2025-53783 | 1 Microsoft | 6 Dynamics 365 Guides, Dynamics 365 Remote Assist, Teams and 3 more | 2025-10-15 | 7.5 High |
| Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-50155 | 1 Microsoft | 19 Server, Windows, Windows 10 1507 and 16 more | 2025-10-15 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53766 | 1 Microsoft | 20 Gdi+, Gdiplus, Office and 17 more | 2025-10-15 | 9.8 Critical |
| Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. | ||||