Search Results (3371 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-2315 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-18 8.8 High
Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12447 1 Google 1 Chrome 2026-06-18 8.8 High
Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2025-55645 1 Gpac 2 Gpac, Mp4box 2026-06-18 5.5 Medium
A heap buffer overflow in the gf_cenc_set_pssh function (isomedia/drm_sample.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-31201 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2026-06-18 9.8 Critical
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.
CVE-2025-55661 1 Gpac 1 Mp4box 2026-06-18 5.5 Medium
A heap buffer overflow in the Opus audio stream parser component of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2026-0130 1 Google 1 Android 2026-06-18 3.5 Low
In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2026-33841 1 Microsoft 19 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 16 more 2026-06-17 7.8 High
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-0149 1 Google 1 Android 2026-06-17 8.8 High
In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-0132 1 Google 1 Android 2026-06-17 8.8 High
In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-2467 1 Rti 1 Connext Professional 2026-06-17 N/A
Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from 5.0.0 before 5.2.*.
CVE-2026-47964 1 Adobe 1 Dng Sdk 2026-06-17 7.8 High
DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-9256 1 F5 2 Nginx Open Source, Nginx Plus 2026-06-16 8.1 High
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression (PCRE) captures (for example, ^/((.*))$) and a replacement string that references multiple such captures (for example, $1$2) in a redirect or arguments context. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-40033 1 Freerdp 1 Freerdp 2026-06-16 8.8 High
FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16_MAX but performs copy operations using unclamped cache entry dimensions, enabling malicious RDP servers to trigger large out-of-bounds writes and potentially achieve remote code execution or client crash.
CVE-2026-45831 2 Chroma, Trychroma 2 Chromadb, Chromadb 2026-06-16 8.8 High
The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluates whether a user holds a given permission but never checks which tenant, database, or collection that permission applies to allowing users to perform cross tenant actions.
CVE-2026-42992 1 Microsoft 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more 2026-06-15 7.5 High
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42993 1 Microsoft 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more 2026-06-15 7.5 High
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44799 1 Microsoft 30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more 2026-06-15 7.5 High
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42980 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-06-15 7.8 High
Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-12193 1 Vs Revo 1 Revouninstaller 2026-06-15 7.8 High
A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. Upgrading to version 2.7.0 is sufficient to fix this issue. It is recommended to upgrade the affected component.
CVE-2025-8351 2 Apple, Avast 2 Macos, Antivirus 2026-06-12 7.8 High
Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avira Antivirus engine when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.98.