Filtered by CWE-787
Filtered by vendor Subscriptions
Total 12786 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-47108 1 Adobe 1 Substance 3d Painter 2025-07-14 7.8 High
Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43581 1 Adobe 1 Substance 3d Sampler 2025-07-14 7.8 High
Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43588 1 Adobe 1 Substance 3d Sampler 2025-07-14 7.8 High
Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-20695 3 Google, Mediatek, Openwrt 14 Android, Mt6639, Mt6653 and 11 more 2025-07-14 6.5 Medium
In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09741871; Issue ID: MSV-3317.
CVE-2023-52725 2 Linuxfoundation, Open Networking Foundation 2 Onos-kpimon, Sd-ran Onos 2025-07-14 6.5 Medium
Open Networking Foundation SD-RAN ONOS onos-kpimon 0.4.7 allows blocking of the errCh channel within the Start function of the monitoring package.
CVE-2023-52727 1 Linuxfoundation 1 Onos-lib-go 2025-07-14 8.1 High
Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in parseAlignBits.
CVE-2023-52724 1 Linuxfoundation 1 Onos-kpimon 2025-07-14 8.1 High
Open Networking Foundation SD-RAN onos-kpimon 0.4.7 allows out-of-bounds array access in the processIndicationFormat1 function.
CVE-2019-20208 2 Debian, Gpac 2 Debian Linux, Gpac 2025-07-11 5.5 Medium
dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-based buffer overflow.
CVE-2025-6376 1 Rockwellautomation 1 Arena 2025-07-11 7.8 High
A remote code execution security issue exists in the Rockwell Automation Arena®.  A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threat actor could execute arbitrary code on the target system. The software must run under the context of the administrator in order to cause worse case impact. This is reflected in the Rockwell CVSS score, as AT:P.
CVE-2025-6377 1 Rockwellautomation 1 Arena 2025-07-11 7.8 High
A remote code execution security issue exists in the Rockwell Automation Arena®.  A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threat actor could execute arbitrary code on the target system. The software must run under the context of the administrator in order to cause worse case impact. This is reflected in the Rockwell CVSS score, as AT:P.
CVE-2024-12835 1 Deltaww 1 Drasimucad 2025-07-11 N/A
Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22415.
CVE-2025-47727 1 Deltaww 1 Cncsoft 2025-07-11 7.3 High
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2025-47725 1 Deltaww 1 Cncsoft 2025-07-11 7.3 High
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2025-47726 1 Deltaww 1 Cncsoft 2025-07-11 7.3 High
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2025-47724 1 Deltaww 1 Cncsoft 2025-07-11 7.3 High
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2025-47728 2 Delta Electronics, Deltaww 2 Cncsoft-g2, Cncsoft-g2 2025-07-11 7.3 High
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2025-21164 1 Adobe 1 Substance 3d Designer 2025-07-11 7.8 High
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-21165 1 Adobe 1 Substance 3d Designer 2025-07-11 7.8 High
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-21166 1 Adobe 1 Substance 3d Designer 2025-07-11 7.8 High
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-30312 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2025-07-11 7.8 High
Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.