Search Results (52 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-56650 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 7.8 High
Heap-based buffer overflow in Windows Network File System allows an authorized attacker to elevate privileges locally.
CVE-2026-49792 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-15 7.8 High
Numeric truncation error in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally.
CVE-2026-50357 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-15 7.8 High
Numeric truncation error in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally.
CVE-2026-50332 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7.8 High
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-55142 1 Microsoft 9 365 Apps, Office 2019, Office 2021 and 6 more 2026-07-14 5.5 Medium
Numeric truncation error in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2026-44823 1 Microsoft 9 365 Apps, Excel 2016, Office 2019 and 6 more 2026-07-08 7.8 High
Numeric truncation error in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-6679 1 Wolfssl 1 Wolfssl 2026-06-26 N/A
A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due to an integer truncation when computing the length of the ACK record-number list, causing an undersized buffer to be allocated and then overrun. This affects builds using DTLS 1.3 and wolfSSL version 5.9.0 and earlier. A fix was added to the 5.9.1 release.
CVE-2026-6039 1 The Document Foundation 1 Libreoffice 2026-06-16 5.5 Medium
LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from the file was truncated to a 16-bit value when the point buffer was sized, while the full count was used to fill it, so a polyline whose point count exceeded the 16-bit range was written past the end of the buffer. In fixed versions such oversized polylines are rejected.
CVE-2026-40409 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-06-11 7.8 High
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2026-40404 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-06-10 7.8 High
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2024-43519 1 Microsoft 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more 2026-06-09 8.8 High
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2026-42944 1 Nlnetlabs 1 Unbound 2026-05-20 7.5 High
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options ('nsid', 'answer-cookie', 'pad-responses' (default)) need to be enabled for the vulnerability to be exploited. An adversary who can query Unbound can exploit the vulnerability by attaching multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options to the query. A flaw in the size calculation of the EDNS field truncates the correct value which allows the encoder to overflow the available space when writing. Those two combined lead to a heap overflow write of Unbound controlled data and eventually a crash. Unbound 1.25.1 contains a patch with a fix to de-duplicate the EDNS options and a fix to prevent truncation of the EDNS field size calculation.
CVE-2026-42371 1 Uriparser Project 1 Uriparser 2026-05-18 5.1 Medium
uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.
CVE-2026-40380 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-14 6.2 Medium
Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack.
CVE-2026-44927 1 Uriparser Project 1 Uriparser 2026-05-12 2.9 Low
In uriparser before 1.0.2, there is pointer difference truncation to int in various places.
CVE-2025-6965 1 Sqlite 1 Sqlite 2026-04-20 9.8 Critical
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.
CVE-2026-32240 1 Capnproto 1 Capnproto 2026-03-23 6.5 Medium
Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, when using Transfer-Encoding: chunked, if a chunk's size parsed to a value of 2^64 or larger, it would be truncated to a 64-bit integer. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in 1.4.0.
CVE-2025-53723 2 Microsoft, Windows 27 Windows, Windows 10, Windows 10 1507 and 24 more 2026-02-26 7.8 High
Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
CVE-2025-49679 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 7.8 High
Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.
CVE-2024-38044 1 Microsoft 9 Windows Server 2008 R2, Windows Server 2008 Sp2, Windows Server 2012 and 6 more 2026-02-10 7.2 High
DHCP Server Service Remote Code Execution Vulnerability