Export limit exceeded: 23584 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23584 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-58304 | 1 Samsung Open Source | 1 Escargot | 2026-07-16 | 6.1 Medium |
| Out-of-bounds read, Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: before 779f6bedf58f334dec64b0a51ebb724b4708b84a. | ||||
| CVE-2026-46377 | 1 Tomwright | 1 Dasel | 2026-07-16 | 6.2 Medium |
| Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the escape sequence handler in (*Tokenizer).parseCurRune in selector/lexer/tokenize.go increments past a trailing backslash in a quoted string such as "\ or '\ and then reads p.src[pos] without a bounds check, allowing attacker-controlled selector strings to trigger a Go index-out-of-range panic. This issue is fixed in version 3.10.1. | ||||
| CVE-2026-47088 | 1 Cyrusimap | 1 Cyrus Imap | 2026-07-16 | 3.1 Low |
| An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. There is heap exposure in nested MIME comment parsing. An authenticated IMAP user could craft an email message containing an RFC 822 comment ending with a backslash. When parsing the message, the server would read past the message's end in memory, and read into the heap, returning the read content to the user. | ||||
| CVE-2021-27137 | 1 Dd-wrt | 1 Dd-wrt | 2026-07-16 | 8.1 High |
| An issue was discovered in router/upnp/src/ssdp.c in DD-WRT before 45724. An unsafe strcpy in the UPnP handling functionality allows an unauthenticated remote attacker to send a request that would overflow an internal fixed buffer. Exploitation requires the DD-WRT user to enable UPnP (which is off by default, and only listens on internal interfaces by default). This occurs in ssdp_msearch (reachable by an M-SEARCH request). | ||||
| CVE-2026-45612 | 2026-07-16 | 5.5 Medium | ||
| rz-libdemangle is a Rizin library for demangling symbols. Prior to 6bf56d3, the Rust demangler in src/rust/rust_v0.c can perform an out-of-bounds read when the demangler structure is not yet initialized. This issue is fixed in commit 6bf56d3. | ||||
| CVE-2026-51537 | 1 Eipstackgroup | 1 Opener | 2026-07-16 | 9.1 Critical |
| EIPStackGroup OpENer 2.3.0 (commit 76b95cf) has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser to continue reading fields even when request data is insufficient. This issue is remotely triggerable via network traffic and does not require authentication. | ||||
| CVE-2026-58614 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-16 | 5.5 Medium |
| Out-of-bounds read in Windows Kernel allows an authorized attacker to bypass a security feature locally. | ||||
| CVE-2026-49177 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-16 | 5.5 Medium |
| Out-of-bounds read in Windows TCP/IP allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-49804 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-16 | 6.6 Medium |
| Heap-based buffer overflow in Windows USB Video Driver allows an unauthorized attacker to elevate privileges with a physical attack. | ||||
| CVE-2026-50300 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-16 | 5.5 Medium |
| Integer underflow (wrap or wraparound) in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-50341 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-16 | 5.5 Medium |
| Buffer over-read in Windows NTFS allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-50475 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-16 | 5.5 Medium |
| Buffer over-read in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-56192 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-07-16 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-55050 | 1 Microsoft | 11 365 Apps, Office 2019, Office 2021 and 8 more | 2026-07-16 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-50408 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-50491 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-16 | 7 High |
| Out-of-bounds read in Code Integrity DLL (ci.dll) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50420 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-16 | 6.2 Medium |
| Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-56455 | 2026-07-16 | 5.3 Medium | ||
| HCL DFXAnalytics is affected by a Buffer Overflow vulnerability that can lead to a Denial of Service (DoS). The application fails to properly validate input sizes, allowing an attacker to pass an excessive amount of information into a memory container, which can cause the system to crash or become unresponsive. To mitigate this flaw, comprehensive input length checks must be implemented and enforced on both the client and server sides. | ||||
| CVE-2026-24268 | 1 Nvidia | 1 Tensorrt | 2026-07-16 | 7.8 High |
| NVIDIA TensorRT contains a vulnerability where an attacker might cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution. | ||||
| CVE-2026-0128 | 1 Google | 1 Android | 2026-07-16 | 3.5 Low |
| In RtcpFbPacket::decodeRtcpFbPacket, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||