Total
13704 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20751 | 1 Mediatek | 27 Modem, Mt2735, Mt6833 and 24 more | 2026-02-17 | 6.5 Medium |
| In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661195; Issue ID: MSV-4297. | ||||
| CVE-2025-20634 | 1 Mediatek | 32 Mt2737, Mt6813, Mt6835 and 29 more | 2026-02-17 | 8.8 High |
| In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436. | ||||
| CVE-2024-20154 | 1 Mediatek | 56 Lr12a, Lr13, Mt2735 and 53 more | 2026-02-17 | 8.8 High |
| In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392. | ||||
| CVE-2026-20616 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-02-17 | 6.5 Medium |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination. | ||||
| CVE-2025-48518 | 1 Amd | 9 Radeon Pro V710, Radeon Pro W7000 Series, Radeon Rx 7000 Series and 6 more | 2026-02-13 | N/A |
| Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service. | ||||
| CVE-2026-25990 | 2 Python, Python-pillow | 2 Pillow, Pillow | 2026-02-13 | 7.5 High |
| Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1. | ||||
| CVE-2026-23112 | 1 Linux | 1 Linux Kernel | 2026-02-13 | 7.6 High |
| In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU length or offset exceeds sg_cnt and then use bogus sg->length/offset values, leading to _copy_to_iter() GPF/KASAN. Guard sg_idx, remaining entries, and sg->length/offset before building the bvec. | ||||
| CVE-2023-4911 | 6 Canonical, Debian, Fedoraproject and 3 more | 43 Ubuntu Linux, Debian Linux, Fedora and 40 more | 2026-02-13 | 7.8 High |
| A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | ||||
| CVE-2026-21352 | 1 Adobe | 2 Dng Sdk, Dng Software Development Kit | 2026-02-13 | 7.8 High |
| DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-45188 | 3 Debian, Fedoraproject, Netatalk | 3 Debian Linux, Fedora, Netatalk | 2026-02-13 | 7.8 High |
| Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS). | ||||
| CVE-2018-1160 | 3 Debian, Netatalk, Synology | 7 Debian Linux, Netatalk, Diskstation Manager and 4 more | 2026-02-13 | 9.8 Critical |
| Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. | ||||
| CVE-2025-27487 | 1 Microsoft | 27 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 24 more | 2026-02-13 | 8 High |
| Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-27477 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-24063 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7.8 High |
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-30376 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-13 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-29979 | 1 Microsoft | 11 365 Apps, Excel, Office and 8 more | 2026-02-13 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-29967 | 1 Microsoft | 25 Remote Desktop, Windows 10 1507, Windows 10 1607 and 22 more | 2026-02-13 | 8.8 High |
| Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-29966 | 1 Microsoft | 26 Remote Desktop, Windows 10 1507, Windows 10 1607 and 23 more | 2026-02-13 | 8.8 High |
| Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-20644 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-02-12 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2023-53543 | 1 Linux | 1 Linux Kernel | 2026-02-12 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr pointer in info->attrs before entering into each handler in vdpa_nl_ops. That is to say, the missing part in vdpa_nl_policy may lead to illegal nlattr after parsing, which could lead to OOB read just like CVE-2023-3773. This patch adds the missing nla_policy for vdpa max vqp attr to avoid such bugs. | ||||