Vulnerabilities (CVE)

Filtered by CWE-787
Total 14041 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-27890 1 Firebirdsql 1 Firebird 2026-06-17 N/A 8.2 HIGH
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCT_specific_data segments during authentication, the server assumes segments arrive in strictly ascending order. If segments arrive out of order, the Array class's grow() method computes a negative size value, causing a SIGSEGV crash. An unauthenticated attacker who knows only the server's IP and port can exploit this to crash the server. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.
CVE-2026-27853 1 Powerdns 1 Dnsdist 2026-06-17 N/A 5.9 MEDIUM
An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535 bytes, potentially leading to a crash resulting in denial of service.
CVE-2026-27816 1 Linuxfoundation 1 Everest 2026-06-17 N/A 9.1 CRITICAL
EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_update_energy_transfer_modes copies a variable-length list into a fixed-size array of length 6 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can trigger out-of-bounds writes and corrupt adjacent EVSE state or crash the process. Version 2026.02.0 contains a patch.
CVE-2026-27815 1 Linuxfoundation 1 Everest 2026-06-17 N/A 9.1 CRITICAL
EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can trigger out-of-bounds writes and corrupt adjacent EVSE state or crash the process. Version 2026.02.0 contains a patch.
CVE-2026-27703 1 Riot-os 1 Riot 2026-06-17 N/A 7.5 HIGH
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. In 2026.01 and earlier, the default handler for the well_known_core resource coap_well_known_core_default_handler writes user-provided option data and other data into a fixed size buffer without validating the buffer is large enough to contain the response. This vulnerability allows an attacker to corrupt neighboring stack location, including security-sensitive addresses like the return address, leading to denial of service or arbitrary code execution.
CVE-2026-27692 1 Color 1 Iccdev 2026-06-17 N/A 7.1 HIGH
iccDEV provides a set of libraries and tools for working with ICC color management profiles. In versions up to and including 2.3.1.4, heap-buffer-overflow read occurs during CIccTagTextDescription::Release() when strlen() reads past a heap buffer while parsing ICC profile XML text description tags, causing a crash. Commit 29d088840b962a7cdd35993dfabc2cb35a049847 fixes the issue. No known workarounds are available.
CVE-2026-27664 2026-06-17 N/A 7.5 HIGH
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), SICORE Base system (All versions < V26.10.0). The affected application contains an out-of-bounds write vulnerability while parsing specially crafted XML inputs. This could allow an unauthenticated attacker to exploit this issue by sending a malicious XML request, which may cause the service to crash, resulting in a denial-of-service condition.
CVE-2026-27648 2026-06-17 N/A 8.8 HIGH
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.
CVE-2026-27295 2 Adobe, Microsoft 2 Framemaker, Windows 2026-06-17 N/A 7.8 HIGH
Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-27291 1 Adobe 1 Indesign 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-27280 1 Adobe 1 Dng Software Development Kit 2026-06-17 N/A 7.8 HIGH
DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-27279 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-27275 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-27274 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-27273 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-27272 2 Adobe, Microsoft 2 Illustrator, Windows 2026-06-17 N/A 7.8 HIGH
Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-27258 1 Adobe 1 Dng Software Development Kit 2026-06-17 N/A 5.5 MEDIUM
DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-26736 1 Totolink 2 A3002ru-v3, A3002ru Firmware 2026-06-17 N/A 8.8 HIGH
TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the static_ipv6 parameter in the formIpv6Setup function.
CVE-2026-26732 1 Totolink 2 A3002ru-v2, A3002ru Firmware 2026-06-17 N/A 8.8 HIGH
TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the vpnUser or vpnPassword` parameters in the formFilter function.
CVE-2026-26731 1 Totolink 2 A3002ru-v2, A3002ru Firmware 2026-06-17 N/A 8.8 HIGH
TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the routernamer`parameter in the formDnsv6 function.