Vulnerabilities (CVE)

Filtered by CWE-787
Total 14128 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-29029 1 Tenda 2 Ac6, Ac6 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.
CVE-2025-27821 1 Apache 1 Hadoop 2026-06-17 N/A 7.3 HIGH
Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.
CVE-2025-27807 1 Samsung 38 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 35 more 2026-06-17 N/A 9.1 CRITICAL
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS packets.
CVE-2025-27713 1 Intel 1 Quickassist Technology 2026-06-17 N/A 7.8 HIGH
Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-27598 1 Sixlabors 1 Imagesharp 2026-06-17 N/A 7.5 HIGH
ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to v3.1.7 or v2.1.10.
CVE-2025-27487 1 Microsoft 17 Remote Desktop Client, Windows 10 1507, Windows 10 1607 and 14 more 2026-06-17 N/A 8.0 HIGH
Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.
CVE-2025-27477 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2026-06-17 N/A 8.8 HIGH
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-27374 1 Samsung 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more 2026-06-17 N/A 5.3 MEDIUM
An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, 2400. The lack of a length check leads to out-of-bounds writes.
CVE-2025-27363 2 Debian, Freetype 2 Debian Linux, Freetype 2026-06-17 N/A 8.1 HIGH
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
CVE-2025-27243 1 Intel 12 Ethernet Controller, Ethernet Network Adapter E810-2cqda2, Ethernet Network Adapter E810-cqda1 and 9 more 2026-06-17 N/A 6.0 MEDIUM
Out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-27198 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Photoshop Desktop versions 25.12.1, 26.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27197 1 Adobe 1 Lightroom 2026-06-17 N/A 7.8 HIGH
Lightroom Desktop versions 8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27196 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Premiere Pro versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27195 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27194 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Media Encoder versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27193 3 Adobe, Apple, Microsoft 3 Bridge, Macos, Windows 2026-06-17 N/A 7.8 HIGH
Bridge versions 14.1.5, 15.0.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27183 3 Adobe, Apple, Microsoft 3 After Effects, Macos, Windows 2026-06-17 N/A 7.8 HIGH
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27182 3 Adobe, Apple, Microsoft 3 After Effects, Macos, Windows 2026-06-17 N/A 7.8 HIGH
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27178 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27177 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-06-17 N/A 7.8 HIGH
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.