Search Results (9620 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-32864 1 Ni 1 Labview 2026-04-14 7.8 High
There is a memory corruption vulnerability due to an out-of-bounds read in mgcore_SH_25_3!aligned_free() in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI file. This vulnerability affects NI LabVIEW 2026 Q1 (26.1.0) and prior versions.
CVE-2026-5873 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-04-14 8.8 High
Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-5886 2 Apple, Google 2 Macos, Chrome 2026-04-14 5.3 Medium
Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-5913 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-04-14 8.1 High
Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-26109 1 Microsoft 13 365 Apps, Excel, Excel 2016 and 10 more 2026-04-14 8.4 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-26127 4 Apple, Linux, Microsoft and 1 more 8 Macos, Linux Kernel, .net and 5 more 2026-04-14 7.5 High
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
CVE-2026-25181 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-04-14 7.5 High
Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network.
CVE-2026-25175 1 Microsoft 22 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 19 more 2026-04-14 7.8 High
Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally.
CVE-2026-24282 1 Microsoft 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more 2026-04-14 5.5 Medium
Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally.
CVE-2026-23673 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-04-14 7.8 High
Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.
CVE-2026-23672 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-04-14 7.8 High
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2022-2785 1 Linux 1 Linux Kernel 2026-04-14 6.7 Medium
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. We recommend upgrading past commit 86f44fcec22c
CVE-2023-36424 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2026-04-14 7.8 High
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-45315 1 Mikrotik 1 Routeros 2026-04-09 6.4 Medium
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows authenticated attackers to execute arbitrary code via a crafted packet.
CVE-2026-4437 2 Gnu, The Gnu C Library 2 Glibc, Glibc 2026-04-08 7.5 High
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.
CVE-2026-32926 1 Fujielectric 1 V-sft 2026-04-08 7.8 High
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
CVE-2026-32927 1 Fujielectric 1 V-sft 2026-04-08 7.8 High
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
CVE-2026-32929 1 Fujielectric 1 V-sft 2026-04-08 7.8 High
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
CVE-2026-34588 2 Academysoftwarefoundation, Openexr 2 Openexr, Openexr 2026-04-08 7.8 High
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal_exr_undo_piz() advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and wcount are int, a crafted EXR file can make this product overflow and wrap. The next channel then decodes from an incorrect address. The wavelet decode path operates in place, so this yields both out-of-bounds reads and out-of-bounds writes. This vulnerability is fixed in 3.2.7, 3.3.9, and 3.4.9.
CVE-2026-33817 1 Etcd-io 1 Bbolt 2026-04-08 6.2 Medium
CVE confirmed to be a false positive