Total
2278 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24985 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-23 | 7.8 High |
| Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24067 | 2025-03-23 | 7.8 High | ||
| Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24066 | 2025-03-23 | 7.8 High | ||
| Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24056 | 2025-03-23 | 8.8 High | ||
| Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-24051 | 2025-03-23 | 8.8 High | ||
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-24050 | 2025-03-23 | 7.8 High | ||
| Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24048 | 2025-03-23 | 7.8 High | ||
| Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24995 | 2025-03-23 | 7.8 High | ||
| Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21180 | 2025-03-23 | 7.8 High | ||
| Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24057 | 2025-03-23 | 7.8 High | ||
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2019-3568 | 1 Whatsapp | 1 Whatsapp | 2025-03-21 | 9.8 Critical |
| A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15. | ||||
| CVE-2023-0819 | 1 Gpac | 1 Gpac | 2025-03-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. | ||||
| CVE-2025-2592 | 2025-03-21 | 6.3 Medium | ||
| A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named 2690e354da0c681db000cfd892a55226788f2743. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2025-2153 | 1 Hdfgroup | 1 Hdf5 | 2025-03-21 | 5 Medium |
| A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2152 | 1 Assimp | 1 Assimp | 2025-03-21 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-29509 | 1 Artifex | 1 Ghostscript | 2025-03-20 | 8.8 High |
| Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle. | ||||
| CVE-2023-24550 | 1 Siemens | 1 Solid Edge Se2023 | 2025-03-20 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to heap-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2023-24551 | 1 Siemens | 1 Solid Edge Se2023 | 2025-03-20 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2024-56827 | 1 Redhat | 1 Enterprise Linux | 2025-03-20 | 5.6 Medium |
| A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. | ||||
| CVE-2024-56826 | 1 Redhat | 1 Enterprise Linux | 2025-03-20 | 5.6 Medium |
| A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. | ||||