ReportizFlow
Filtered by vendor
Subscriptions
Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26403 | 1 Intel | 2 Xeon, Xeon Processors | 2026-04-15 | 7.2 High |
| Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-9340 | 1 Bouncycastle | 1 Legion-of-the-bouncy-castle-fips-java-api | 2026-04-15 | 5.9 Medium |
| Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher. This issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0. | ||||
| CVE-2025-42877 | 1 Sap | 3 Content Server, Internet Communication Manager, Web Dispatcher | 2026-04-15 | 7.5 High |
| SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application. | ||||
| CVE-2024-12668 | 2026-04-15 | 8.2 High | ||
| Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Write vulnerability. By using an IO Control, a user space program can trick the driver into writing a 0 into any chosen memory location. In conjunction with information leakage from the WinPmem driver, attackers can discover the location in memory for the g_CiOptions global symbol. This can be leveraged to disable signed driver enforcement on the target system - allowing attackers to load unsigned drivers. | ||||
| CVE-2010-20115 | 2 Arcane Software, Microsoft | 2 Vermillion Ftp Daemon, Windows | 2026-04-15 | N/A |
| Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a memory corruption vulnerability triggered by a malformed FTP PORT command. The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate stack memory and potentially execute arbitrary code. Exploitation requires direct access to the FTP service and is constrained by a single execution attempt if the daemon is installed as a Windows service. | ||||
| CVE-2021-47705 | 1 Commax | 1 Ums Client Activex Control | 2026-04-15 | N/A |
| COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNC_Ctrl.dll to cause heap corruption and potentially gain system-level access. | ||||
| CVE-2025-9903 | 1 Canon | 5 Generic Plus Lips4 Printer Driver, Generic Plus Lipslx Printer Driver, Generic Plus Pcl6 Printer Driver and 2 more | 2026-04-15 | 5.9 Medium |
| Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / Generic FAX Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver | ||||
| CVE-2025-9230 | 1 Openssl | 1 Openssl | 2026-04-15 | 7.5 High |
| Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. | ||||
| CVE-2025-4877 | 1 Redhat | 2 Enterprise Linux, Openshift | 2026-04-15 | 4.5 Medium |
| There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash() function. In such cases the bin_to_base64() function can experience an integer overflow leading to a memory under allocation, when that happens it's possible that the program perform out of bounds write leading to a heap corruption. This issue affects only 32-bits builds of libssh. | ||||
| CVE-2025-0624 | 1 Redhat | 7 Enterprise Linux, Openshift, Rhel Aus and 4 more | 2026-04-15 | 7.6 High |
| A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections. | ||||
| CVE-2024-10573 | 1 Redhat | 1 Enterprise Linux | 2026-04-15 | 6.7 Medium |
| An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector. | ||||
| CVE-2025-5898 | 1 Gnu | 1 Pspp | 2026-04-15 | 5.3 Medium |
| A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parse_variables_option of the file utilities/pspp-convert.c. The manipulation leads to out-of-bounds write. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-29949 | 1 Amd | 17 Ryzen 5000 Series Desktop Processors, Ryzen 5000 Series Desktop Processors With Radeon Graphics, Ryzen 5000 Series Mobile Processors With Radeon Graphics and 14 more | 2026-04-15 | N/A |
| Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service. | ||||
| CVE-2025-41236 | 1 Vmware | 3 Esxi, Fusion, Workstation | 2026-04-15 | 9.3 Critical |
| VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue. | ||||
| CVE-2025-33029 | 2 Intel, Microsoft | 4 Proset, Proset/wireless, Proset/wireless Software and 1 more | 2026-04-15 | 7.4 High |
| Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via adjacent access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (high) impacts. | ||||
| CVE-2024-45776 | 1 Redhat | 2 Enterprise Linux, Openshift | 2026-04-15 | 6.7 Medium |
| When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections. | ||||
| CVE-2025-53367 | 2026-04-15 | N/A | ||
| DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting in a heap corruption condition. An out-of-bounds read with pr is also possible for the same reason. This issue has been patched in version 3.5.29. | ||||
| CVE-2025-61553 | 1 Bitvisor | 1 Bitvisor | 2026-04-15 | 8.2 High |
| An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hypervisor crash) via a crafted PCI configuration space access. Given it's a heap overflow in a privileged hypervisor context, exploitation may enable arbitrary code execution or guest-to-host privilege escalation. | ||||
| CVE-2025-54957 | 1 Dolby | 1 Udc | 2026-04-15 | 9.8 Critical |
| An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is processed. When Evolution data is processed by evo_priv.c from the DD+ bitstream, the decoder writes that data into a buffer. The length calculation for a write can overflow due to an integer wraparound. This can lead to the allocated buffer being too small, and the out-of-bounds check of the subsequent write to be ineffective, leading to an out-of-bounds write. | ||||
| CVE-2025-5688 | 1 Amazon | 1 Freertos | 2026-04-15 | N/A |
| We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes. | ||||