Total
14060 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-62164 | 1 Vllm | 1 Vllm | 2026-06-17 | N/A | 8.8 HIGH |
| vLLM is an inference and serving engine for large language models (LLMs). From versions 0.10.2 to before 0.11.1, a memory corruption vulnerability could lead to a crash (denial-of-service) and potentially remote code execution (RCE), exists in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using torch.load() without sufficient validation. Due to a change introduced in PyTorch 2.8.0, sparse tensor integrity checks are disabled by default. As a result, maliciously crafted tensors can bypass internal bounds checks and trigger an out-of-bounds memory write during the call to to_dense(). This memory corruption can crash vLLM and potentially lead to code execution on the server hosting vLLM. This issue has been patched in version 0.11.1. | |||||
| CVE-2025-61859 | 1 Fujielectric | 1 Monitouch V-sft | 2026-06-17 | N/A | 7.8 HIGH |
| An out-of-bounds write vulnerability exists in VS6ComFile!CItemDraw::is_motion_tween of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | |||||
| CVE-2025-61858 | 1 Fujielectric | 1 Monitouch V-sft | 2026-06-17 | N/A | 7.8 HIGH |
| An out-of-bounds write vulnerability exists in VS6ComFile!set_AnimationItem of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | |||||
| CVE-2025-61857 | 1 Fujielectric | 1 Monitouch V-sft | 2026-06-17 | N/A | 7.8 HIGH |
| An out-of-bounds write vulnerability exists in VS6ComFile!CItemExChange::WinFontDynStrCheck of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | |||||
| CVE-2025-61838 | 1 Adobe | 1 Format Plugins | 2026-06-17 | N/A | 7.8 HIGH |
| Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61837 | 1 Adobe | 1 Format Plugins | 2026-06-17 | N/A | 7.8 HIGH |
| Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61832 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61831 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61829 | 1 Adobe | 1 Illustrator On Ipad | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61828 | 1 Adobe | 1 Illustrator On Ipad | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator on iPad versions 3.0.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61827 | 1 Adobe | 1 Illustrator On Ipad | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61824 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61820 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61819 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61816 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| InCopy versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61553 | 2026-06-17 | N/A | 8.2 HIGH | ||
| An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hypervisor crash) via a crafted PCI configuration space access. Given it's a heap overflow in a privileged hypervisor context, exploitation may enable arbitrary code execution or guest-to-host privilege escalation. | |||||
| CVE-2025-60663 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanMTU parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60662 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanSpeed parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60661 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 5.3 MEDIUM |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the cloneType parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60660 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the mac parameter in the fromAdvSetMacMtuWan function. | |||||
