Export limit exceeded: 23584 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23584 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-8836 2 Lwip, Lwip-tcpip 2 Lwip, Lwip 2026-05-23 9.8 Critical
A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmp_parse_inbound_frame of the file src/apps/snmp/snmp_msg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be initiated remotely. The patch is named 0c957ec03054eb6c8205e9c9d1d05d90ada3898c. It is suggested to install a patch to address this issue.
CVE-2026-4682 1 Hp 6 Deskjet 2800e All-in-one Printer Series, Deskjet 4200 All-in-one Printer Series, Deskjet 4200e All-in-one Printer Series and 3 more 2026-05-23 N/A
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices (WSD) scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allows a PC to discover scanners (and MFPs) on a network and send scan jobs to them without requiring vendor specific drivers or utilities.
CVE-2026-41073 1 Bestpractical 1 Rt 2026-05-23 4.6 Medium
RT is an open source, enterprise-grade issue and ticket tracking system. Versions prior to 5.0.10 and 6.0.0 through 6.0.2 contain a spreadsheet (CSV/formula) injection vulnerability. User-controlled data in spreadsheet exports is not sanitized before being written to the output file, which can cause spreadsheet applications to interpret crafted values as formulas or macros when the file is opened. This issue has been fixed in versions 5.0.10 and 6.0.3. If developers are unable to upgrade immediately, they can temporarily work around this issue by avoiding opening exported RT spreadsheet files directly in spreadsheet applications when the data may contain untrusted user input.
CVE-2026-42831 1 Microsoft 6 365 Copilot, Office, Office For Android and 3 more 2026-05-22 7.8 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-40363 1 Microsoft 11 365 Apps, 365 Copilot, Office and 8 more 2026-05-22 8.4 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-33642 1 Kovidgoyal 1 Kitty 2026-05-22 9.9 Critical
Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handle_compose_command() function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer Over-Read/Write. An attacker who can write escape sequences to a kitty terminal (e.g., via a malicious file, SSH login banner, or piped content) can supply crafted x_offset/y_offset values that pass the bounds check after wrapping but cause massive out-of-bounds heap memory access in compose_rectangles(). No user interaction is required. No non-default configuration is required. The attacker only needs the ability to produce output in a kitty terminal window. This issue has been fixed in version 0.47.0.
CVE-2026-33633 1 Kovidgoyal 1 Kitty 2026-05-22 7.5 High
Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in load_image_data() that allows any process which can write to the terminal's stdin to crash kitty immediately. The vulnerability is triggered by a single APC graphics protocol command with a PNG format declaration (f=100) whose payload exceeds twice the initial buffer capacity. The overflow is attacker-controlled in both length and content, causing DoS and potentially escalation to RCE itself. This issue has been fixed in version 0.47.0.
CVE-2026-7887 1 Concretecms 1 Concrete Cms 2026-05-22 6.4 Medium
For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A user with uIsActive=0 (suspended, banned, terminated employee) can still authenticate via OAuth and receive valid API tokens. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N. Thanks 0x4c616e for reporting.
CVE-2026-8435 1 Concretecms 1 Concrete Cms 2026-05-22 6.5 Medium
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file approveVersion(). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonatan Drori (Tenzai) for reporting.
CVE-2026-4646 1 Mattermost 2 Mattermost, Mattermost Server 2026-05-22 4.3 Medium
Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate user-supplied input in API request handlers which allows an authenticated attacker to crash the plugin process via a crafted HTTP request to the PR details endpoint.. Mattermost Advisory ID: MMSA-2026-00638
CVE-2025-53732 1 Microsoft 2 365 Copilot, Office 2026-05-22 7.8 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49697 1 Microsoft 11 365 Apps, 365 Copilot, Office and 8 more 2026-05-22 8.4 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53766 1 Microsoft 30 365 Copilot, Gdi+, Gdiplus and 27 more 2026-05-22 9.8 Critical
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
CVE-2024-38250 1 Microsoft 26 365 Copilot, Office, Office Long Term Servicing Channel and 23 more 2026-05-22 7.8 High
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-49696 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-60724 1 Microsoft 32 365 Copilot, Graphics Component, Office and 29 more 2026-05-22 9.8 Critical
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
CVE-2025-47162 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-25180 1 Microsoft 33 365 Copilot, Office, Office For Android and 30 more 2026-05-22 5.5 Medium
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.
CVE-2025-30388 1 Microsoft 29 365 Copilot, Office, Office Long Term Servicing Channel and 26 more 2026-05-22 7.8 High
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2026-23246 1 Linux 1 Linux Kernel 2026-05-22 8.8 High
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration link_id is taken from the ML Reconfiguration element (control & 0x000f), so it can be 0..15. link_removal_timeout[] has IEEE80211_MLD_MAX_NUM_LINKS (15) elements, so index 15 is out-of-bounds. Skip subelements with link_id >= IEEE80211_MLD_MAX_NUM_LINKS to avoid a stack out-of-bounds write.