Vulnerabilities (CVE)

Filtered by CWE-787
Total 14075 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-61837 1 Adobe 1 Format Plugins 2026-06-17 N/A 7.8 HIGH
Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61832 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61831 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61829 1 Adobe 1 Illustrator On Ipad 2026-06-17 N/A 7.8 HIGH
Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61828 1 Adobe 1 Illustrator On Ipad 2026-06-17 N/A 7.8 HIGH
Illustrator on iPad versions 3.0.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61827 1 Adobe 1 Illustrator On Ipad 2026-06-17 N/A 7.8 HIGH
Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61824 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61820 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61819 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61816 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InCopy versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61553 2026-06-17 N/A 8.2 HIGH
An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hypervisor crash) via a crafted PCI configuration space access. Given it's a heap overflow in a privileged hypervisor context, exploitation may enable arbitrary code execution or guest-to-host privilege escalation.
CVE-2025-60663 1 Tenda 2 Ac18, Ac18 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanMTU parameter in the fromAdvSetMacMtuWan function.
CVE-2025-60662 1 Tenda 2 Ac18, Ac18 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanSpeed parameter in the fromAdvSetMacMtuWan function.
CVE-2025-60661 1 Tenda 2 Ac18, Ac18 Firmware 2026-06-17 N/A 5.3 MEDIUM
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the cloneType parameter in the fromAdvSetMacMtuWan function.
CVE-2025-60660 1 Tenda 2 Ac18, Ac18 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the mac parameter in the fromAdvSetMacMtuWan function.
CVE-2025-60342 1 Tenda 2 Ac6, Ac6 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the addressNat function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-60341 1 Tenda 2 Ac6, Ac6 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-60339 1 Tenda 2 Ac6, Ac6 Firmware 2026-06-17 N/A 7.5 HIGH
Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedStartTime and schedEndTime parameters.
CVE-2025-60338 1 Tenda 2 Ac6, Ac6 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the DhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-60337 1 Tenda 2 Ac6, Ac6 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.