Total
1069 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-2337 | 2025-03-17 | 7.5 HIGH | 6.3 MEDIUM | ||
| A vulnerability, which was classified as critical, has been found in tbeu matio 1.5.28. This issue affects the function Mat_VarPrint of the file src/mat.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-29508 | 1 Artifex | 1 Ghostscript | 2025-03-17 | N/A | 3.3 LOW |
| Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc. | |||||
| CVE-2025-2368 | 2025-03-17 | 7.5 HIGH | 6.3 MEDIUM | ||
| A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2025-24985 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-14 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-22134 | 2025-03-14 | N/A | 4.2 MEDIUM | ||
| When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003 | |||||
| CVE-2024-41437 | 1 Dbohdan | 1 Hicolor | 2025-03-13 | N/A | 5.5 MEDIUM |
| A heap buffer overflow in the function cp_unfilter() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. | |||||
| CVE-2025-2153 | 1 Hdfgroup | 1 Hdf5 | 2025-03-13 | 5.1 MEDIUM | 5.0 MEDIUM |
| A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-3516 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-03-13 | N/A | 6.5 MEDIUM |
| Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-2152 | 1 Assimp | 1 Assimp | 2025-03-13 | 7.5 HIGH | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-46264 | 1 Randygaul | 1 Cute Png | 2025-03-13 | N/A | 7.8 HIGH |
| cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_find() function at cute_png.h. | |||||
| CVE-2024-37080 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2025-03-13 | N/A | 9.8 CRITICAL |
| vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. | |||||
| CVE-2025-24993 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-13 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-2019 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25252. | |||||
| CVE-2025-26634 | 2025-03-11 | N/A | 7.5 HIGH | ||
| Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-24995 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24067 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24066 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24057 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-24056 | 2025-03-11 | N/A | 8.8 HIGH | ||
| Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-24051 | 2025-03-11 | N/A | 8.8 HIGH | ||
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||||