Vulnerabilities (CVE)

Filtered by CWE-787
Total 14079 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-44014 1 Qnap 1 Qsync Central 2026-06-17 N/A 8.8 HIGH
An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later
CVE-2025-43594 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions 19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43593 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43590 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43588 1 Adobe 1 Substance 3d Sampler 2026-06-17 N/A 7.8 HIGH
Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43581 1 Adobe 1 Substance 3d Sampler 2026-06-17 N/A 7.8 HIGH
Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43575 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2026-06-17 N/A 7.8 HIGH
Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43572 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43569 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43558 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43554 1 Adobe 1 Substance 3d Modeler 2026-06-17 N/A 7.8 HIGH
Substance3D - Modeler versions 1.21.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43548 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43539 1 Apple 1 Macos 2026-06-17 N/A 8.8 HIGH
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing a file may lead to memory corruption.
CVE-2025-43505 1 Apple 1 Xcode 2026-06-17 N/A 8.8 HIGH
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Xcode 26.1. Processing a maliciously crafted file may lead to heap corruption.
CVE-2025-43501 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2026-06-17 N/A 4.3 MEDIUM
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43447 1 Apple 4 Ipados, Iphone Os, Visionos and 1 more 2026-06-17 N/A 5.5 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2025-43431 1 Apple 6 Ipados, Iphone Os, Safari and 3 more 2026-06-17 N/A 8.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption.
CVE-2025-43421 1 Apple 4 Ipados, Iphone Os, Safari and 1 more 2026-06-17 N/A 4.3 MEDIUM
Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43402 1 Apple 1 Macos 2026-06-17 N/A 7.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt process memory.
CVE-2025-43400 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2026-06-17 N/A 6.3 MEDIUM
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.1 and iPadOS 18.7.1, iOS 26.0.1 and iPadOS 26.0.1, macOS Sequoia 15.7.1, macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, tvOS 26.1, visionOS 26.0.1, watchOS 26.1. Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory.