Search Results (9623 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-69806 1 P2r3 1 Bareiron 2026-02-23 7.5 High
p2r3 bareiron commit: 8e4d4020d contains an Out-of-bounds Read, which allows unauthenticated remote attackers to get relative information leakage via a packet sent to the server
CVE-2025-15412 1 Webassembly 1 Wabt 2026-02-23 5.3 Medium
A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decompiler::VarName of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. Such manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. Unfortunately, the project has no active maintainer at the moment. In a reply to the issue report somebody recommended to the researcher to provide a PR himself.
CVE-2023-3425 1 M-files 1 Classic Web 2026-02-23 6.5 Medium
Out-of-bounds read issue in M-Files Server versions below 23.8.12892.6 and LTS Service Release Versions before 23.2 LTS SR3 allows unauthenticated user to read restricted amount of bytes from memory.
CVE-2025-59275 1 Microsoft 28 Windows, Windows 10, Windows 10 1507 and 25 more 2026-02-22 7.8 High
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
CVE-2025-59232 1 Microsoft 19 365, 365 Apps, Access and 16 more 2026-02-22 7.1 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2025-59208 1 Microsoft 30 Windows, Windows 10, Windows 10 1507 and 27 more 2026-02-22 7.1 High
Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network.
CVE-2025-59235 1 Microsoft 19 365, 365 Apps, Access and 16 more 2026-02-22 7.1 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2025-58717 1 Microsoft 30 Windows, Windows 10, Windows 10 1507 and 27 more 2026-02-22 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-55700 1 Microsoft 26 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 23 more 2026-02-22 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2019-1174 1 Microsoft 5 Windows 10, Windows 10 1809, Windows Server 1903 and 2 more 2026-02-20 7 High
An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the PsmServiceExtHost.dll properly handles objects in memory.
CVE-2019-1153 1 Microsoft 18 Office, Windows 10, Windows 10 1507 and 15 more 2026-02-20 5.5 Medium
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory.
CVE-2019-1148 1 Microsoft 18 Office, Windows 10, Windows 10 1507 and 15 more 2026-02-20 5.5 Medium
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory.
CVE-2025-33055 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2026-02-20 5.5 Medium
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-24065 1 Microsoft 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more 2026-02-20 5.5 Medium
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-24069 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2026-02-20 5.5 Medium
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33065 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2026-02-20 5.5 Medium
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-53806 1 Microsoft 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more 2026-02-20 6.5 Medium
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-33063 1 Microsoft 17 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 14 more 2026-02-20 5.5 Medium
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-53805 1 Microsoft 14 Internet Information Services, Windows, Windows 11 and 11 more 2026-02-20 7.5 High
Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.
CVE-2025-33062 1 Microsoft 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more 2026-02-20 5.5 Medium
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.