Vulnerabilities (CVE)

Filtered by CWE-787
Total 14080 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-43400 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2026-06-17 N/A 6.3 MEDIUM
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.1 and iPadOS 18.7.1, iOS 26.0.1 and iPadOS 26.0.1, macOS Sequoia 15.7.1, macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, tvOS 26.1, visionOS 26.0.1, watchOS 26.1. Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory.
CVE-2025-43380 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. Parsing a file may lead to an unexpected app termination.
CVE-2025-43373 1 Apple 1 Macos 2026-06-17 N/A 7.5 HIGH
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2025-43353 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. Processing a maliciously crafted string may lead to heap corruption.
CVE-2025-43349 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 2.8 LOW
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted video file may lead to unexpected app termination.
CVE-2025-43302 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 5.5 MEDIUM
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to cause unexpected system termination.
CVE-2025-43300 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 10.0 CRITICAL
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
CVE-2025-43237 1 Apple 1 Macos 2026-06-17 N/A 9.8 CRITICAL
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause unexpected system termination.
CVE-2025-43224 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2026-06-17 N/A 7.1 HIGH
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
CVE-2025-43219 1 Apple 1 Macos 2026-06-17 N/A 8.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may corrupt process memory.
CVE-2025-43210 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 6.3 MEDIUM
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
CVE-2025-43209 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 9.8 CRITICAL
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-43202 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 8.8 HIGH
This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. Processing a file may lead to memory corruption.
CVE-2025-42971 2026-06-17 N/A 4.0 MEDIUM
A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by SAPCAR on their system, resulting in out-of-bounds memory read and write. This could lead to file extraction and file overwrite outside the intended directories. This vulnerability has low impact on the confidentiality, integrity and availability of the application.
CVE-2025-42940 2026-06-17 N/A 7.5 HIGH
SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may result in memory corruption followed by an application crash, hence leading to a high impact on availability. There is no impact on confidentiality or integrity.
CVE-2025-42877 2026-06-17 N/A 7.5 HIGH
SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application.
CVE-2025-41766 1 Mbs-solutions 4 Ubr-01 Mk Ii, Ubr-02, Ubr-lon and 1 more 2026-06-17 N/A 8.8 HIGH
A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise.
CVE-2025-41732 1 Wago 4 0852-1322, 0852-1322 Firmware, 0852-1328 and 1 more 2026-06-17 N/A 9.8 CRITICAL
An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_cookie() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise.
CVE-2025-41730 1 Wago 4 0852-1322, 0852-1322 Firmware, 0852-1328 and 1 more 2026-06-17 N/A 9.8 CRITICAL
An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise.
CVE-2025-41679 1 Mbconnectline 2 Mbnet.mini, Mbnet.mini Firmware 2026-06-17 N/A 5.3 MEDIUM
An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.