Search Results (3380 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-33066 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-20 8.8 High
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-33064 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-20 8.8 High
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2025-54907 1 Microsoft 8 365, 365 Apps, Office and 5 more 2026-02-20 7.8 High
Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
CVE-2025-54894 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-20 7.8 High
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVE-2025-62601 1 Eprosima 1 Fast Dds 2026-02-18 7.5 High
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow, resulting in remote termination of Fast-DDS. If the fields of `PID_IDENTITY_TOKEN` or `PID_PERMISSIONS_TOKEN` in the DATA Submessage — specifically by tampering with the `str_size` value read by `readString` (called from `readBinaryProperty`) — are modified, a 32-bit integer overflow can occur, causing `std::vector::resize` to use an attacker-controlled size and quickly trigger heap buffer overflow and remote process term ination. Versions 3.4.1, 3.3.1, and 2.6.11 patch the issue.
CVE-2025-62602 2 Debian, Eprosima 2 Debian Linux, Fast Dds 2026-02-18 7.5 High
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow, resulting in remote termination of Fast-DDS. If the fields of `PID_IDENTITY_TOKEN` or `PID_PERMISSIONS_TOKEN` in the DATA Submessage are tampered with — specially `readOctetVector` reads an unchecked `vecsize` that is propagated unchanged into `readData` as the `length` parameter — the attacker-contro lled `vecsize` can trigger a 32-bit integer overflow during the `length` calculation. That overflow can cause large alloca tion attempt that quickly leads to OOM, enabling a remotely-triggerable denial-of-service and remote process termination. Versions 3.4.1, 3.3.1, and 2.6.11 patch the issue.
CVE-2025-62799 2 Debian, Eprosima 2 Debian Linux, Fast Dds 2026-02-18 9.8 Critical
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATA_FRAG receive path. An un authenticated sender can transmit a single malformed RTPS DATA_FRAG packet where `fragmentSize` and `sampleSize` are craft ed to violate internal assumptions. Due to a 4-byte alignment step during fragment metadata initialization, the code write s past the end of the allocated payload buffer, causing immediate crash (DoS) and potentially enabling memory corruption ( RCE risk). Versions 3.4.1, 3.3.1, and 2.6.11 patch the issue.
CVE-2025-70122 1 Free5gc 1 Free5gc 2026-02-18 7.5 High
A heap buffer overflow vulnerability in the UPF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted PFCP Session Modification Request. The issue occurs in the SDFFilterFields.UnmarshalBinary function (sdf-filter.go) when processing a declared length that exceeds the actual buffer capacity, leading to a runtime panic and UPF crash.
CVE-2022-45188 3 Debian, Fedoraproject, Netatalk 3 Debian Linux, Fedora, Netatalk 2026-02-13 7.8 High
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
CVE-2025-21245 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21409 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21223 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21238 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21240 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21250 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21417 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21246 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21378 1 Microsoft 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more 2026-02-13 7.8 High
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2025-21339 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21305 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability