Vulnerabilities (CVE)

Filtered by CWE-787
Total 14042 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-21305 1 Adobe 1 Substance 3d Painter 2026-06-17 N/A 7.8 HIGH
Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21304 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21299 1 Adobe 1 Substance 3d Modeler 2026-06-17 N/A 7.8 HIGH
Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21298 1 Adobe 1 Substance 3d Modeler 2026-06-17 N/A 7.8 HIGH
Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21283 3 Adobe, Apple, Microsoft 3 Bridge, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Bridge versions 15.1.2, 16.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21281 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21277 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21259 1 Microsoft 5 365 Apps, Excel, Office and 2 more 2026-06-17 N/A 7.8 HIGH
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.
CVE-2026-21248 1 Microsoft 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more 2026-06-17 N/A 7.3 HIGH
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
CVE-2026-21246 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-06-17 N/A 7.8 HIGH
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2026-21245 1 Microsoft 3 Windows 11 24h2, Windows 11 25h2, Windows Server 2025 2026-06-17 N/A 7.8 HIGH
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-21244 1 Microsoft 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more 2026-06-17 N/A 7.3 HIGH
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
CVE-2026-21239 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-06-17 N/A 7.8 HIGH
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-21236 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-06-17 N/A 7.8 HIGH
Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-21018 1 Samsung 1 Android 2026-06-17 N/A 6.7 MEDIUM
Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code.
CVE-2026-20879 2026-06-17 N/A N/A
Out-of-bounds write for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable data corruption. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (high) and availability (high) impacts.
CVE-2026-20797 1 Copeland 6 Xweb 300d Pro, Xweb 300d Pro Firmware, Xweb 500b Pro and 3 more 2026-06-17 N/A 4.3 MEDIUM
A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to cause stack corruption and a termination of the program.
CVE-2026-20714 1 Intel 1 Quickassist Technology 2026-06-17 N/A 7.8 HIGH
Out-of-bounds write for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2026-20698 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 7.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2026-20657 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 6.5 MEDIUM
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. Parsing a maliciously crafted file may lead to an unexpected app termination.