Total
1188 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2025-49670 | 2025-07-11 | N/A | 6.5 MEDIUM | ||
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||||
CVE-2025-22881 | 1 Deltaww | 1 Cncsoft-g2 | 2025-07-11 | N/A | 7.8 HIGH |
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2025-22880 | 1 Deltaww | 1 Cncsoft-g2 | 2025-07-11 | N/A | 7.8 HIGH |
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2025-43582 | 1 Adobe | 1 Substance 3d Viewer | 2025-07-11 | N/A | 7.8 HIGH |
Substance3D - Viewer versions 0.22 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user, scope unchanged. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-47099 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2025-07-11 | N/A | 7.8 HIGH |
InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-48910 | 1 Huawei | 1 Harmonyos | 2025-07-11 | N/A | 5.5 MEDIUM |
Buffer overflow vulnerability in the DFile module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2025-53630 | 2025-07-10 | N/A | N/A | ||
llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579. | |||||
CVE-2025-47122 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-07-10 | N/A | 7.8 HIGH |
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-47123 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-07-10 | N/A | 7.8 HIGH |
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-47125 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-07-10 | N/A | 7.8 HIGH |
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-47131 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-07-10 | N/A | 7.8 HIGH |
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-47134 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-07-10 | N/A | 7.8 HIGH |
InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-43591 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-07-10 | N/A | 7.8 HIGH |
InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-47103 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-07-10 | N/A | 7.8 HIGH |
InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-33064 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | N/A | 8.8 HIGH |
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||||
CVE-2025-33066 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | N/A | 8.8 HIGH |
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||||
CVE-2025-21221 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | N/A | 8.8 HIGH |
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | |||||
CVE-2025-21205 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | N/A | 8.8 HIGH |
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | |||||
CVE-2024-45993 | 1 Giflib Project | 1 Giflib | 2025-07-10 | N/A | 6.5 MEDIUM |
Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb. | |||||
CVE-2025-29811 | 1 Microsoft | 5 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 2 more | 2025-07-10 | N/A | 7.8 HIGH |
Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. |