Vulnerabilities (CVE)

Filtered by CWE-787
Total 14076 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-53705 1 Ashlar 5 Argon, Cobalt, Cobalt Share and 2 more 2026-06-17 N/A 7.8 HIGH
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing CO files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2025-53597 1 Qnap 1 License Center 2026-06-17 N/A 6.5 MEDIUM
A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: License Center 2.0.36 and later
CVE-2025-53593 1 Qnap 2 Qts, Quts Hero 2026-06-17 N/A 6.5 MEDIUM
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later
CVE-2025-53524 2026-06-17 N/A 7.8 HIGH
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code.
CVE-2025-53367 2026-06-17 N/A N/A
DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting in a heap corruption condition. An out-of-bounds read with pr is also possible for the same reason. This issue has been patched in version 3.5.29.
CVE-2025-52952 1 Juniper 34 2x100ge \+ 4x10ge Mpc5e, 2x100ge \+ 4x10ge Mpc5eq, 2x100ge \+ 8x10ge Mpc4e and 31 more 2026-06-17 N/A 6.5 MEDIUM
An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions before 22.2R3-S1, * from 22.4 before 22.4R2. This feature is not enabled by default.
CVE-2025-52939 2026-06-17 N/A N/A
Out-of-bounds Write vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects NotepadNext: through v0.11.
CVE-2025-52540 2026-06-17 N/A N/A
An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation.
CVE-2025-52513 1 Samsung 6 Exynos 1580, Exynos 1580 Firmware, Exynos 2400 and 3 more 2026-06-17 N/A 7.5 HIGH
An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, leading to a denial of service.
CVE-2025-52458 1 Openatom 1 Openharmony 2026-06-17 N/A 5.5 MEDIUM
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-52221 1 Tenda 2 Ac6, Ac6 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters.
CVE-2025-50054 1 Openvpn 1 Ovpn-dco-win 2026-06-17 N/A 5.5 MEDIUM
Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash
CVE-2025-4919 1 Mozilla 2 Firefox, Thunderbird 2026-06-17 N/A 8.8 HIGH
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability was fixed in Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbird 128.10.2, and Thunderbird 138.0.2.
CVE-2025-4918 1 Mozilla 2 Firefox, Thunderbird 2026-06-17 N/A 9.8 CRITICAL
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability was fixed in Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbird 128.10.2, and Thunderbird 138.0.2.
CVE-2025-4890 1 Fabian 1 Tourism Management System 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
CVE-2025-4883 1 Dlink 2 Di-8100g, Di-8100g Firmware 2026-06-17 8.3 HIGH 7.2 HIGH
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp of the file /ctxz.asp of the component Connection Limit Page. The manipulation of the argument def/defTcp/defUdp/defIcmp/defOther leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-4843 1 Dlink 2 Dcs-932l, Dcs-932l Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. This affects the function SubUPnPCSInit of the file /sbin/udev. The manipulation of the argument CameraName leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-4842 1 Dlink 2 Dcs-932l, Dcs-932l Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. This vulnerability affects the function isUCPCameraNameChanged of the file /sbin/ucp. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-4841 1 Dlink 2 Dcs-932l, Dcs-932l Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this issue is the function sub_404780 of the file /bin/gpio. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-4810 1 Tenda 2 Ac7, Ac7 Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboot_time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.