Vulnerabilities (CVE)

Filtered by CWE-787
Total 14129 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-24441 1 Adobe 1 Substance 3d Sampler 2026-06-17 N/A 7.8 HIGH
Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24440 1 Adobe 1 Substance 3d Sampler 2026-06-17 N/A 7.8 HIGH
Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24439 1 Adobe 1 Substance 3d Sampler 2026-06-17 N/A 7.8 HIGH
Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24326 1 F5 1 Big-ip Application Security Manager 2026-06-17 N/A 7.5 HIGH
When BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured, undisclosed traffic can case an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-24309 1 Openatom 1 Openharmony 2026-06-17 N/A 3.8 LOW
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-24304 1 Openatom 1 Openharmony 2026-06-17 N/A 3.3 LOW
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds write.
CVE-2025-24273 1 Apple 1 Macos 2026-06-17 N/A 9.8 CRITICAL
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2025-24257 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2026-06-17 N/A 7.1 HIGH
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination or write kernel memory.
CVE-2025-24231 1 Apple 1 Macos 2026-06-17 N/A 9.8 CRITICAL
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system.
CVE-2025-24201 2 Apple, Debian 7 Ipados, Iphone Os, Macos and 4 more 2026-06-17 N/A 10.0 CRITICAL
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
CVE-2025-24185 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. Parsing a maliciously crafted file may lead to an unexpected app termination.
CVE-2025-24154 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2026-06-17 N/A 9.1 CRITICAL
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, visionOS 2.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2025-24139 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, macOS Ventura 13.7.5. Parsing a maliciously crafted file may lead to an unexpected app termination.
CVE-2025-24122 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to modify protected parts of the file system.
CVE-2025-24118 1 Apple 2 Ipados, Macos 2026-06-17 N/A 7.1 HIGH
The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.
CVE-2025-24063 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2026-06-17 N/A 7.8 HIGH
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-24014 2 Netapp, Vim 3 Hci Compute Node, Hci Compute Node Firmware, Vim 2026-06-17 N/A 4.2 MEDIUM
Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.
CVE-2025-23420 1 Openatom 1 Openharmony 2026-06-17 N/A 3.8 LOW
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-23396 1 Siemens 2 Teamcenter Visualization, Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.
CVE-2025-23329 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Triton Inference Server 2026-06-17 N/A 7.5 HIGH
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifying and accessing the shared memory region used by the Python backend. A successful exploit of this vulnerability might lead to denial of service.