ReportizFlow
Filtered by vendor
Subscriptions
Total
3582 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54099 | 1 Microsoft | 28 Windows, Windows 10, Windows 10 1507 and 25 more | 2026-02-20 | 7 High |
| Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2020-37200 | 1 Nsasoft | 2 Netsharewatcher, Nsauditor Netsharewatcher | 2026-02-17 | 7.5 High |
| NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input that allows attackers to crash the application by supplying oversized input. Attackers can generate a 1000-character payload and paste it into the registration key field to trigger an application crash. | ||||
| CVE-2024-20154 | 1 Mediatek | 56 Lr12a, Lr13, Mt2735 and 53 more | 2026-02-17 | 8.8 High |
| In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392. | ||||
| CVE-2025-70083 | 1 Opensatkit | 1 Opensatkit | 2026-02-17 | 7.8 High |
| An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as untrusted input. The program copies DirName into the local buffer DirWithSep using strcpy. The size of this buffer is OS_MAX_PATH_LEN. If the length of DirName is greater than or equal to OS_MAX_PATH_LEN, a stack buffer overflow occurs, overwriting adjacent stack memory. The path length check (FileUtil_AppendPathSep) is performed after the strcpy operation, meaning the validation occurs too late and cannot prevent the overflow. | ||||
| CVE-2025-70085 | 1 Opensatkit | 1 Opensatkit | 2026-02-17 | 9.8 Critical |
| An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames (Source1Filename and the string returned by FileUtil_FileStateStr) into this buffer without any length checking and without using bounded format specifiers such as %.*s. If the filename length approaches OS_MAX_PATH_LEN (commonly 64-256 bytes), the combined formatted string together with constant text can exceed 256 bytes, resulting in a stack buffer overflow. Such unsafe sprintf calls are scattered across multiple functions in file.c, including FILE_ConcatenateCmd() and ConcatenateFiles(), all of which fail to validate the output length. | ||||
| CVE-2025-63658 | 2 Monkey, Monkey-project | 2 Monkey, Monkey | 2026-02-13 | 7.5 High |
| A stack overflow in the mk_http_index_lookup function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. | ||||
| CVE-2025-24075 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-13 | 7.8 High |
| Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-27481 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-26688 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-13 | 7.8 High |
| Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-48725 | 2 Qnap, Qnap Systems | 3 Qts, Quts Hero, Quts Hero | 2026-02-12 | 8.1 High |
| A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later | ||||
| CVE-2024-37984 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2026-02-11 | 8.4 High |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-37978 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 3 more | 2026-02-11 | 8 High |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-37972 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2026-02-11 | 8 High |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-37971 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2026-02-11 | 8 High |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-37970 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2026-02-11 | 8 High |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-28899 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2026-02-11 | 8.8 High |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2025-67187 | 1 Totolink | 2 A950rg, A950rg Firmware | 2026-02-10 | 9.8 Critical |
| A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The flaw exists in the setIpQosRules interface of /lib/cste_modules/firewall.so where the comment parameter is not properly validated for length. | ||||
| CVE-2020-37133 | 2 Ultravnc, Uvnc | 2 Ultravnc, Ultravnc | 2026-02-10 | 7.5 High |
| UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash. | ||||
| CVE-2020-37132 | 2 Ultravnc, Uvnc | 2 Ultravnc, Ultravnc | 2026-02-10 | 6.2 Medium |
| UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. Attackers can paste an overly long 300-character string into the password field to trigger an application crash and prevent normal launcher functionality. | ||||
| CVE-2025-68670 | 2 Debian, Neutrinolabs | 2 Debian Linux, Xrdp | 2026-02-06 | 9.1 Critical |
| xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote attackers to execute arbitrary code on the target system. The vulnerability allows an attacker to overwrite the stack buffer and the return address, which could theoretically be used to redirect the execution flow. The impact of this vulnerability is lessened if a compiler flag has been used to build the xrdp executable with stack canary protection. If this is the case, a second vulnerability would need to be used to leak the stack canary value. Upgrade to version 0.10.5 to receive a patch. Additionally, do not rely on stack canary protection on production systems. | ||||