Total
1131 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-48379 | 2025-07-01 | N/A | 7.1 HIGH | ||
| Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0. | |||||
| CVE-2025-6750 | 1 Hdfgroup | 1 Hdf5 | 2025-07-01 | 1.7 LOW | 3.3 LOW |
| A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6816 | 1 Hdfgroup | 1 Hdf5 | 2025-07-01 | 1.7 LOW | 3.3 LOW |
| A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5O__fsinfo_encode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-21395 | 1 Microsoft | 4 365 Apps, Access, Office and 1 more | 2025-07-01 | N/A | 7.8 HIGH |
| Microsoft Access Remote Code Execution Vulnerability | |||||
| CVE-2025-21390 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-07-01 | N/A | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2025-21356 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-07-01 | N/A | 7.8 HIGH |
| Microsoft Office Visio Remote Code Execution Vulnerability | |||||
| CVE-2025-21186 | 1 Microsoft | 4 365 Apps, Access, Office and 1 more | 2025-07-01 | N/A | 7.8 HIGH |
| Microsoft Access Remote Code Execution Vulnerability | |||||
| CVE-2024-46993 | 2025-07-01 | N/A | N/A | ||
| Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath() and nativeImage.createFromBuffer() functions call a function downstream that is vulnerable to a heap buffer overflow. An Electron program that uses either of the affected functions is vulnerable to a buffer overflow if an attacker is in control of the image's height, width, and contents. This issue has been patched in versions 28.3.2, 29.3.3, and 30.0.3. There are no workarounds for this issue. | |||||
| CVE-2025-6494 | 2025-06-30 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833. It has been classified as problematic. This affects the function hashmap_get_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The patch is named ada4708e5a67114402cd3feb70a4e1d1d7cf773a. It is recommended to apply a patch to fix this issue. The project maintainer explains that the affected code was merged into the main branch but the commit never appeared in an official release. | |||||
| CVE-2025-6490 | 2025-06-30 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833 and classified as problematic. This issue affects the function hashmap_set_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier of the patch is ada4708e5a67114402cd3feb70a4e1d1d7cf773a. It is recommended to apply a patch to fix this issue. The project maintainer explains that the affected code was merged into the main branch but the commit never appeared in an official release. | |||||
| CVE-2023-28905 | 2025-06-30 | N/A | 8.0 HIGH | ||
| A heap buffer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker to execute arbitrary code on it. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. | |||||
| CVE-2025-6818 | 2025-06-30 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5O__chunk_protect of the file /src/H5Ochunk.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-28231 | 1 Eprosima | 1 Fast Dds | 2025-06-30 | N/A | 9.6 CRITICAL |
| eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminated remotely. Additionally, the payload_size in the DATA Submessage packet is declared as uint32_t. When a negative number, such as -1, is input into this variable, it results in an Integer Overflow (for example, -1 gets converted to 0xFFFFFFFF). This eventually leads to a heap-buffer-overflow, causing the program to terminate. Versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8 contain a fix for this issue. | |||||
| CVE-2024-37601 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | N/A | 4.6 MEDIUM |
| An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically. | |||||
| CVE-2025-5830 | 2025-06-26 | N/A | 8.8 HIGH | ||
| Autel MaxiCharger AC Wallbox Commercial DLB_SlaveRegister Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DLB_SlaveRegister messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26327. | |||||
| CVE-2025-6660 | 2025-06-26 | N/A | 7.8 HIGH | ||
| PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26763. | |||||
| CVE-2025-6516 | 1 Hdfgroup | 1 Hdf5 | 2025-06-26 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-48797 | 2025-06-25 | N/A | 7.3 HIGH | ||
| A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow. | |||||
| CVE-2021-40426 | 1 Sound Exchange Project | 1 Sound Exchange | 2025-06-24 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-56737 | 1 Gnu | 1 Grub2 | 2025-06-24 | N/A | 8.8 HIGH |
| GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem. | |||||