Total
1786 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-20774 | 2 Google, Mediatek | 32 Android, Mt2718, Mt6739 and 29 more | 2025-12-03 | N/A | 6.7 MEDIUM |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796. | |||||
| CVE-2025-50360 | 2025-12-03 | N/A | 8.4 HIGH | ||
| A heap buffer overflow in compiler.c and compiler.h in Pepper language 0.1.1commit 961a5d9988c5986d563310275adad3fd181b2bb7. Malicious execution of a pepper source file(.pr) could lead to arbitrary code execution or Denial of Service. | |||||
| CVE-2025-11788 | 1 Circutor | 4 Sge-plc1000, Sge-plc1000 Firmware, Sge-plc50 and 1 more | 2025-12-03 | N/A | 9.8 CRITICAL |
| Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf()'. The 'GetParameter(meter)' function retrieves the user input, which is directly incorporated into a buffer without size validation. An attacker can provide an excessively large input for the 'meter' parameter. | |||||
| CVE-2025-11778 | 1 Circutor | 4 Sge-plc1000, Sge-plc1000 Firmware, Sge-plc50 and 1 more | 2025-12-03 | N/A | 9.8 CRITICAL |
| Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'read_packet()' function of the TACACSPLUS implementation. | |||||
| CVE-2024-52059 | 1 Rti | 1 Connext Professional | 2025-12-03 | N/A | 7.8 HIGH |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.17. | |||||
| CVE-2024-37280 | 1 Elastic | 1 Elasticsearch | 2025-12-03 | N/A | 4.9 MEDIUM |
| A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature. | |||||
| CVE-2025-10101 | 2025-12-02 | N/A | 8.1 HIGH | ||
| Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a crafted Mach-O file may allow Local Execution of Code or Denial of Service of antivirus protection. This issue affects Antivirus: from 15.7 before 3.9.2025. | |||||
| CVE-2025-8351 | 2025-12-02 | N/A | 9.0 CRITICAL | ||
| Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98. | |||||
| CVE-2025-65406 | 2025-12-02 | N/A | 6.5 MEDIUM | ||
| A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MKV file. | |||||
| CVE-2025-62608 | 1 Ml-explore | 1 Mlx | 2025-12-02 | N/A | 9.1 CRITICAL |
| MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load() when parsing malicious NumPy .npy files. Attacker-controlled file causes 13-byte out-of-bounds read, leading to crash or information disclosure. This issue has been patched in version 0.29.4. | |||||
| CVE-2025-32990 | 2 Gnu, Redhat | 3 Gnutls, Enterprise Linux, Openshift Container Platform | 2025-12-01 | N/A | 6.5 MEDIUM |
| A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system. | |||||
| CVE-2025-66217 | 2025-12-01 | N/A | N/A | ||
| AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Length field. This leads to an immediate Denial of Service (DoS) and, when used as a library, severe Memory Corruption that can be leveraged for Remote Code Execution (RCE). This issue has been patched in version 0.64. | |||||
| CVE-2025-64330 | 2025-11-28 | N/A | 7.5 HIGH | ||
| Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires the per packet alert queue to be filled with alerts and then followed by a pass rule. This issue has been patched in versions 7.0.13 and 8.0.2. To reduce the likelihood of this issue occurring, the alert queue size a should be increased (packet-alert-max in suricata.yaml) if verdict is enabled. | |||||
| CVE-2025-52584 | 1 Ashlar | 5 Argon, Cobalt, Cobalt Share and 2 more | 2025-11-28 | N/A | 7.8 HIGH |
| In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing XE files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2025-46269 | 1 Ashlar | 5 Argon, Cobalt, Cobalt Share and 2 more | 2025-11-28 | N/A | 7.8 HIGH |
| In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing VC6 files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2025-65085 | 1 Ashlar | 5 Argon, Cobalt, Cobalt Share and 2 more | 2025-11-28 | N/A | 9.8 CRITICAL |
| A Heap-based Buffer Overflow vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.207 and prior that could allow an attacker to disclose information or execute arbitrary code. | |||||
| CVE-2025-65018 | 1 Libpng | 1 Libpng | 2025-11-26 | N/A | 7.1 HIGH |
| LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51. | |||||
| CVE-2025-64693 | 2025-11-25 | N/A | 9.8 CRITICAL | ||
| Security Point (Windows) of MaLion and MaLionCloud contains a heap-based buffer overflow vulnerability in processing Content-Length. Receiving a specially crafted request from a remote unauthenticated attacker could lead to arbitrary code execution with SYSTEM privilege. | |||||
| CVE-2025-2584 | 1 Webassembly | 1 Wabt | 2025-11-25 | 5.1 MEDIUM | 5.0 MEDIUM |
| A vulnerability was found in WebAssembly wabt 1.0.36. It has been declared as critical. This vulnerability affects the function BinaryReaderInterp::GetReturnCallDropKeepCount of the file wabt/src/interp/binary-reader-interp.cc. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-11458 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-11-25 | N/A | 8.1 HIGH |
| Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | |||||