Total
8822 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21178 | 1 Microsoft | 4 Visual Studio 2015, Visual Studio 2017, Visual Studio 2019 and 1 more | 2026-02-26 | 8.8 High |
| Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2025-24228 | 1 Apple | 1 Macos | 2026-02-26 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2026-22984 | 1 Linux | 1 Linux Kernel | 2026-02-26 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a possible out-of-bounds access in the callout. [ idryomov: changelog ] | ||||
| CVE-2025-1658 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2026-02-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-1659 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2026-02-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-2509 | 1 Google | 1 Chrome Os | 2026-02-26 | 7.8 High |
| Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to VM escape via crafted vertex elements data triggering an out-of-bounds read in util_format_description. | ||||
| CVE-2024-45568 | 1 Qualcomm | 26 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 23 more | 2026-02-26 | 6.7 Medium |
| Memory corruption due to improper bounds check while command handling in camera-kernel driver. | ||||
| CVE-2025-20660 | 2 Google, Mediatek | 2 Android, Mt9972 | 2026-02-26 | 6.7 Medium |
| In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3186. | ||||
| CVE-2025-20661 | 2 Google, Mediatek | 2 Android, Mt9972 | 2026-02-26 | 6.7 Medium |
| In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3185. | ||||
| CVE-2025-20662 | 2 Google, Mediatek | 2 Android, Mt9972 | 2026-02-26 | 6.7 Medium |
| In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04428276; Issue ID: MSV-3184. | ||||
| CVE-2025-21475 | 1 Qualcomm | 80 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 77 more | 2026-02-26 | 7.8 High |
| Memory corruption while processing escape code, when DisplayId is passed with large unsigned value. | ||||
| CVE-2025-21438 | 1 Qualcomm | 86 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 83 more | 2026-02-26 | 7.8 High |
| Memory corruption while IOCTL call is invoked from user-space to read board data. | ||||
| CVE-2025-32704 | 1 Microsoft | 8 365 Apps, Excel, Excel 2016 and 5 more | 2026-02-26 | 8.4 High |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-32705 | 1 Microsoft | 4 365 Apps, Office 2021, Office 2024 and 1 more | 2026-02-26 | 7.8 High |
| Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-32707 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2026-02-26 | 7.8 High |
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-29834 | 1 Microsoft | 1 Edge Chromium | 2026-02-26 | 7.5 High |
| Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-4918 | 2 Mozilla, Redhat | 8 Firefox, Thunderbird, Enterprise Linux and 5 more | 2026-02-26 | 9.8 Critical |
| An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. | ||||
| CVE-2025-4919 | 2 Mozilla, Redhat | 8 Firefox, Thunderbird, Enterprise Linux and 5 more | 2026-02-26 | 8.8 High |
| An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. | ||||
| CVE-2025-4082 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | 5.9 Medium |
| Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. *This bug only affects Thunderbird for macOS. Other versions of Thunderbird are unaffected.* This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10. | ||||
| CVE-2025-49657 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-26 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||