Total
1867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-42980 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-06-11 | N/A | 7.8 HIGH |
| Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-42904 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 23h2 and 5 more | 2026-06-11 | N/A | 9.6 CRITICAL |
| Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network. | |||||
| CVE-2026-2049 | 2026-06-11 | N/A | 7.8 HIGH | ||
| GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of HDR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28618. | |||||
| CVE-2026-11604 | 2026-06-11 | N/A | N/A | ||
| An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash (denial of service). | |||||
| CVE-2026-47291 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-06-10 | N/A | 9.8 CRITICAL |
| Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2026-45657 | 1 Microsoft | 6 Windows 11 23h2, Windows 11 24h2, Windows 11 25h2 and 3 more | 2026-06-10 | N/A | 9.8 CRITICAL |
| Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2026-40404 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-06-10 | N/A | 7.8 HIGH |
| Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | |||||
| CVE-2026-11884 | 2026-06-10 | N/A | 6.5 MEDIUM | ||
| A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the oc_superior (SUP) field length is omitted from buffer size calculations in read_schema_dse() and schema_oc_to_string(), but the field is still written via strcat(). An attacker with Directory Manager privileges, or a compromised replication supplier, can trigger a server crash by creating objectclasses with long SUP values. This is an incomplete fix variant of CVE-2025-14905. | |||||
| CVE-2026-5201 | 2 Gnome, Redhat | 4 Gdk-pixbuf, Enterprise Linux, Enterprise Linux Server Aus and 1 more | 2026-06-10 | N/A | 7.5 HIGH |
| A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions. | |||||
| CVE-2026-47652 | 1 Microsoft | 6 Windows 11 23h2, Windows 11 24h2, Windows 11 25h2 and 3 more | 2026-06-10 | N/A | 8.2 HIGH |
| Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-48574 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-06-10 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-49841 | 1 Freeswitch | 1 Freeswitch | 2026-06-10 | N/A | 9.8 CRITICAL |
| FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, the mod_verto HTTP request handler allocates a fixed 2 MiB buffer for a POST application/x-www-form-urlencoded body but accepts Content-Length up to just under 10 MiB. The body-read loop is bounded by Content-Length rather than the buffer size, producing an attacker-controlled heap overflow of up to ~8 MiB -- before the HTTP basic-auth check runs. This issue has been patched in version 1.11.1. | |||||
| CVE-2026-49840 | 1 Freeswitch | 1 Freeswitch | 2026-06-10 | N/A | 9.1 CRITICAL |
| FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, esl_recv_event() parses Content-Length with atol() and passes the result straight to malloc(len + 1) with no sign or magnitude check. A malicious or man-in-the-middle ESL peer can send a frame with a negative Content-Length to corrupt the heap of, or crash, any process linked against libesl, before the client has authenticated to that peer. This issue has been patched in version 1.11.1. | |||||
| CVE-2026-34707 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-06-10 | N/A | 7.8 HIGH |
| InCopy versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-34701 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-06-10 | N/A | 7.8 HIGH |
| InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-34699 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-06-10 | N/A | 7.8 HIGH |
| InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-34698 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-06-10 | N/A | 7.8 HIGH |
| InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-43688 | 2026-06-09 | N/A | 7.5 HIGH | ||
| An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). There is a Heap buffer overflow in various buffer encryption utilities. | |||||
| CVE-2026-24180 | 2026-06-09 | N/A | 7.3 HIGH | ||
| NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure. | |||||
| CVE-2026-45475 | 2026-06-09 | N/A | 7.8 HIGH | ||
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||