Total
1688 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-6529 | 1 Wireshark | 1 Wireshark | 2026-05-01 | N/A | 5.5 MEDIUM |
| iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | |||||
| CVE-2026-6530 | 1 Wireshark | 1 Wireshark | 2026-05-01 | N/A | 5.5 MEDIUM |
| DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | |||||
| CVE-2026-5402 | 1 Wireshark | 1 Wireshark | 2026-05-01 | N/A | 8.8 HIGH |
| TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution | |||||
| CVE-2026-5405 | 1 Wireshark | 1 Wireshark | 2026-05-01 | N/A | 7.8 HIGH |
| RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | |||||
| CVE-2026-5403 | 1 Wireshark | 1 Wireshark | 2026-05-01 | N/A | 7.8 HIGH |
| SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | |||||
| CVE-2026-5201 | 2 Gnome, Redhat | 4 Gdk-pixbuf, Enterprise Linux, Enterprise Linux Server Aus and 1 more | 2026-05-01 | N/A | 7.5 HIGH |
| A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions. | |||||
| CVE-2026-7378 | 1 Wireshark | 1 Wireshark | 2026-05-01 | N/A | 5.5 MEDIUM |
| Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | |||||
| CVE-2026-42483 | 1 Hashcat | 1 Hashcat | 2026-05-01 | N/A | 9.8 CRITICAL |
| A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects module_hash_decode in multiple Kerberos-related modules because account_info_len is calculated from untrusted delimiter positions without upper-bound validation before memcpy copies the data into a fixed-size account_info buffer. | |||||
| CVE-2026-5653 | 1 Wireshark | 1 Wireshark | 2026-05-01 | N/A | 5.5 MEDIUM |
| DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | |||||
| CVE-2026-7040 | 2026-05-01 | N/A | 7.5 HIGH | ||
| Text::Minify::XS versions from 0.3.0 before 0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters. The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption. Note that the minify_utf8 function is an alias for minify. | |||||
| CVE-2026-42512 | 1 Freebsd | 1 Freebsd | 2026-05-01 | N/A | 8.1 HIGH |
| As dhclient is building an environment to pass to dhclient-script, it may need to resize the array of string pointers. The code which expands the array incorrectly calculates its new size when requesting memory, resulting in a heap buffer overrun. A specially crafted packet can cause dhclient to overrun its buffer of environment entries. This can result in a crash, but it may be possible to leverage this bug to achieve remote code execution. | |||||
| CVE-2026-35547 | 1 Freebsd | 1 Freebsd | 2026-05-01 | N/A | 8.1 HIGH |
| When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to exploit the bug to elevate their privileges. | |||||
| CVE-2026-40504 | 2026-05-01 | N/A | 9.8 CRITICAL | ||
| Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory by crafting scripts with many string literals at global scope. Attackers can exploit insufficient bounds checking in gravity_fiber_reassign() to corrupt heap metadata and achieve arbitrary code execution in applications that evaluate untrusted scripts. | |||||
| CVE-2026-22828 | 1 Fortinet | 2 Fortianalyzer Cloud, Fortimanager Cloud | 2026-05-01 | N/A | 8.1 HIGH |
| A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Successful exploitation would require a large amount of effort in preparation because of ASLR and network segmentation | |||||
| CVE-2026-5474 | 1 Nasa | 1 Core Flight System | 2026-04-30 | 5.8 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw/src/to_lab_passthru_encode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local network to execute the attack. The project was informed of the problem early through an issue report but has not responded yet. | |||||
| CVE-2026-7339 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2026-33298 | 1 Ggml | 1 Llama.cpp | 2026-04-30 | N/A | 7.8 HIGH |
| llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the `ggml_nbytes` function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes `ggml_nbytes` to return a significantly smaller size than required (e.g., 4MB instead of Exabytes), leading to a heap-based buffer overflow when the application subsequently processes the tensor. This vulnerability allows potential Remote Code Execution (RCE) via memory corruption. b7824 contains a fix. | |||||
| CVE-2026-7353 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.3 HIGH |
| Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2026-5244 | 1 Cesanta | 1 Mongoose | 2026-04-29 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg_tls_recv_cert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.21 mitigates this issue. The name of the patch is 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. | |||||
| CVE-2026-2646 | 1 Wolfssl | 1 Wolfssl | 2026-04-29 | N/A | 8.1 HIGH |
| A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION() function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and corrupt heap memory. A maliciously crafted session would need to be loaded from an external source to trigger this vulnerability. Internal sessions were not vulnerable. | |||||