Total
1288 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-3277 | 1 Sqlite | 1 Sqlite | 2025-08-18 | N/A | 9.8 CRITICAL |
| An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution. | |||||
| CVE-2025-55286 | 2025-08-18 | N/A | N/A | ||
| z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing (MSAA) method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing (SSAA) method. Under certain circumstances where the path being drawn existed in whole or partly outside of the rendering surface, incorrect bounding could cause out-of-bounds access within the coverage buffer. This affects the higher-level drawing operations, such as Context.fill, Context.stroke, painter.fill, and painter.stroke, when either the .default or .multisample_4x anti-aliasing modes were used. .supersample_4x was not affected, nor was drawing without anti-aliasing. In non-safe optimization modes (consumers compiling with ReleaseFast or ReleaseSmall), this could potentially lead to invalid memory accesses or corruption. z2d v0.7.1 fixes this issue, and it's recommended to upgrade to v0.7.1, or, given the small period of time v0.7.0 has been released, use v0.7.1 immediately, skipping v0.7.0. | |||||
| CVE-2024-43790 | 2 Netapp, Vim | 3 Bootstrap Os, Hci Compute Node, Vim | 2025-08-18 | N/A | 4.5 MEDIUM |
| Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed. This happens by allocating a new buffer. If the search pattern contains some ASCII NUL characters, the buffer allocated will be smaller than the original allocated buffer (because for allocating the reversed buffer, the strlen() function is called, which only counts until it notices an ASCII NUL byte ) and thus the original length indicator is wrong. This causes an overflow when accessing characters inside the msgbuf by the previously (now wrong) length of the msgbuf. The issue has been fixed as of Vim patch v9.1.0689. | |||||
| CVE-2025-53720 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-08-18 | N/A | 8.0 HIGH |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-53155 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-18 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2023-44428 | 1 Musescore | 1 Musescore | 2025-08-18 | N/A | 7.8 HIGH |
| MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MuseScore. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CAP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20769. | |||||
| CVE-2025-50617 | 1 Netis-systems | 2 Wf2880, Wf2880 Firmware | 2025-08-15 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wps_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. | |||||
| CVE-2025-55005 | 1 Imagemagick | 1 Imagemagick | 2025-08-15 | N/A | 5.5 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1. | |||||
| CVE-2025-55004 | 1 Imagemagick | 1 Imagemagick | 2025-08-15 | N/A | 7.6 HIGH |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This can likely be used to leak subsequent memory contents into the output image. This issue has been patched in version 7.1.2-1. | |||||
| CVE-2025-31177 | 1 Gnuplot | 1 Gnuplot | 2025-08-15 | N/A | 6.2 MEDIUM |
| gnuplot is affected by a heap buffer overflow at function utf8_copy_one. | |||||
| CVE-2025-53723 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-15 | N/A | 7.8 HIGH |
| Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-53741 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-08-15 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53737 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-08-15 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53732 | 1 Microsoft | 1 Office | 2025-08-15 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-1051 | 1 Sonos | 2 Era 300, Era 300 Firmware | 2025-08-15 | N/A | 8.8 HIGH |
| Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of ALAC data. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the anacapa user. Was ZDI-CAN-25865. | |||||
| CVE-2025-22134 | 2 Netapp, Vim | 3 Bootstrap Os, Hci Compute Node, Vim | 2025-08-14 | N/A | 4.2 MEDIUM |
| When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003 | |||||
| CVE-2025-50162 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-08-14 | N/A | 8.0 HIGH |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-50163 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-08-14 | N/A | 8.8 HIGH |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-50164 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-08-14 | N/A | 8.0 HIGH |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-50155 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-14 | N/A | 7.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | |||||