Total
14041 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-25061 | 2 Debian, Digitalcorpora | 2 Debian Linux, Tcpflow | 2026-06-17 | N/A | 7.5 HIGH |
| tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past `tim.bitmap[251]`. The overflow is small and DoS is the likely impact; code execution is potential, but still up in the air. The affected structure is stack-allocated in `handle_beacon()` and related handlers. As of time of publication, no known patches are available. | |||||
| CVE-2026-24928 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 5.8 MEDIUM |
| Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2026-24926 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 8.4 HIGH |
| Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-24925 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 7.3 HIGH |
| Heap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-24919 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 6.0 MEDIUM |
| Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-24857 | 1 Simsong | 1 Bulk Extractor | 2026-06-17 | N/A | 9.8 CRITICAL |
| `bulk_extractor` is a digital forensics exploitation tool. Starting in version 1.4, `bulk_extractor`’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in `Unpack::CopyString`, leading to a crash under ASAN (and likely a crash or memory corruption in production builds). There's potential for using this for RCE. As of time of publication, no known patches are available. | |||||
| CVE-2026-24832 | 1 Ixray-team | 1 Ix-ray Engine 1.6 | 2026-06-17 | N/A | 9.8 CRITICAL |
| Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3. | |||||
| CVE-2026-24829 | 2026-06-17 | N/A | 6.5 MEDIUM | ||
| Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4. | |||||
| CVE-2026-24827 | 2026-06-17 | N/A | 7.5 HIGH | ||
| Out-of-bounds Write vulnerability in gerstrong Commander-Genius.This issue affects Commander-Genius: before Release refs/pull/358/merge. | |||||
| CVE-2026-24826 | 2026-06-17 | N/A | N/A | ||
| Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out-of-bounds Read, Reachable Assertion vulnerability in cadaver turso3d.This issue affects . | |||||
| CVE-2026-24823 | 2026-06-17 | N/A | N/A | ||
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FASTSHIFT X-TRACK (Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src modules). This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7. | |||||
| CVE-2026-24822 | 2026-06-17 | N/A | N/A | ||
| Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper (src modules). This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1. | |||||
| CVE-2026-24817 | 2026-06-17 | N/A | N/A | ||
| Out-of-bounds Write vulnerability in praydog UEVR (dependencies/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects UEVR: before 1.05. | |||||
| CVE-2026-24811 | 1 Root | 1 Root | 2026-06-17 | N/A | 9.8 CRITICAL |
| Vulnerability in root-project root (builtins/zlib modules). This vulnerability is associated with program files inffast.C. This issue affects root. | |||||
| CVE-2026-24809 | 2026-06-17 | N/A | N/A | ||
| An issue from the component luaG_runerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs. | |||||
| CVE-2026-24800 | 2026-06-17 | N/A | N/A | ||
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in tildearrow furnace (extern/zlib modules). This vulnerability is associated with program files inflate.C. | |||||
| CVE-2026-24799 | 2026-06-17 | N/A | N/A | ||
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in davisking dlib (dlib/external/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9. | |||||
| CVE-2026-24797 | 2026-06-17 | N/A | N/A | ||
| Out-of-bounds Write vulnerability in neka-nat cupoch (third_party/libjpeg-turbo/libjpeg-turbo modules). This vulnerability is associated with program files tjbench.C. This issue affects cupoch. | |||||
| CVE-2026-24795 | 2026-06-17 | N/A | N/A | ||
| Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regcomp.C. This issue affects CloverBootloader: before 5162. | |||||
| CVE-2026-24793 | 1 Azerothcore | 1 Azerothcore | 2026-06-17 | N/A | 9.8 CRITICAL |
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in azerothcore azerothcore-wotlk (deps/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects azerothcore-wotlk: through v4.0.0. | |||||
