Total
2679 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-14673 | 2025-12-14 | 7.3 High | ||
| A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-14672 | 2025-12-14 | 7.3 High | ||
| A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7_micro_client.cpp. Executing manipulation can lead to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | ||||
| CVE-2025-67896 | 1 Exim | 1 Exim | 2025-12-14 | 6.4 Medium |
| Exim before 4.99.1 allows remote heap corruption that will be further described on 2025-12-18. | ||||
| CVE-2025-64680 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2025-12-12 | 7.8 High |
| Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-64679 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2025-12-12 | 7.8 High |
| Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-64678 | 1 Microsoft | 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more | 2025-12-12 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-62470 | 1 Microsoft | 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more | 2025-12-12 | 7.8 High |
| Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-62458 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2025-12-12 | 7.8 High |
| Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-62456 | 1 Microsoft | 10 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 7 more | 2025-12-12 | 8.8 High |
| Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-62454 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2025-12-12 | 7.8 High |
| Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-54113 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2025-12-12 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-36923 | 1 Google | 1 Android | 2025-12-12 | 8 High |
| In NrmmDecoder::DecodeSORTransparentContext of cn_NrmmDecoder.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-14087 | 1 Redhat | 1 Enterprise Linux | 2025-12-12 | 5.6 Medium |
| A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings. | ||||
| CVE-2025-66587 | 1 Azeotech | 1 Daqfactory | 2025-12-12 | N/A |
| In AzeoTech DAQFactory release 20.7 (Build 2555), the affected application is vulnerable to memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2025-59275 | 1 Microsoft | 28 Windows, Windows 10, Windows 10 1507 and 25 more | 2025-12-11 | 7.8 High |
| Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59191 | 1 Microsoft | 23 Connected Devices Platform Service, Windows, Windows 10 and 20 more | 2025-12-11 | 7.8 High |
| Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-58725 | 1 Microsoft | 30 Windows, Windows 10, Windows 10 1507 and 27 more | 2025-12-11 | 7 High |
| Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55697 | 1 Microsoft | 7 Azure, Azure Cli, Windows Server and 4 more | 2025-12-11 | 7.8 High |
| Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59295 | 1 Microsoft | 31 Internet Explorer, Windows, Windows 10 and 28 more | 2025-12-11 | 8.8 High |
| Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-59255 | 1 Microsoft | 22 Windows, Windows 10, Windows 10 1809 and 19 more | 2025-12-11 | 7.8 High |
| Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||||