Vulnerabilities (CVE)

Filtered by CWE-787
Total 14129 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25890 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25885 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25883 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25882 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25880 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25874 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25872 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25870 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25868 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25866 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25864 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25861 1 Adobe 1 Illustrator 2026-06-17 N/A 7.8 HIGH
Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25860 1 Adobe 1 Illustrator 2026-06-17 N/A 7.8 HIGH
Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-25746 1 Mozilla 2 Firefox Esr, Thunderbird 2026-06-17 N/A 8.8 HIGH
Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 102.8.
CVE-2023-25745 1 Mozilla 1 Firefox 2026-06-17 N/A 8.8 HIGH
Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110.
CVE-2023-25744 1 Mozilla 2 Firefox, Firefox Esr 2026-06-17 N/A 8.8 HIGH
Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.
CVE-2023-25732 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-06-17 N/A 8.8 HIGH
When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
CVE-2023-25671 1 Google 1 Tensorflow 2026-06-17 N/A 7.5 HIGH
TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
CVE-2023-25602 1 Fortinet 1 Fortiweb 2026-06-17 N/A 7.8 HIGH
A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.
CVE-2023-25564 1 Gss-ntlmssp Project 1 Gss-ntlmssp 2026-06-17 N/A 6.5 MEDIUM
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when decoding UTF16 strings. The variable `outlen` was not initialized and could cause writing a zero to an arbitrary place in memory if `ntlm_str_convert()` were to fail, which would leave `outlen` uninitialized. This can lead to a denial of service if the write hits unmapped memory or randomly corrupts a byte in the application memory space. This vulnerability can trigger an out-of-bounds write, leading to memory corruption. This vulnerability can be triggered via the main `gss_accept_sec_context` entry point. This issue is fixed in version 1.2.0.