Medium
CVSS: 6.9
Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client…
Medium
CVSS: 5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out of write bounds of a single zero…
High
CVSS: 8.2
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
High
CVSS: 7.8
An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out‑of‑bounds write, potentially leading to code execu…
High
CVSS: 7.8
GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to…
High
CVSS: 7.8
GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to explo…
High
CVSS: 7.8
GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to e…
Medium
CVSS: 5.5
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
Medium
CVSS: 5.5
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
High
KEV CVSS: 8.8
Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Medium
CVSS: 5.3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmap_cache_put. A malicious se…
Medium
CVSS: 5.3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.26…
High
CVSS: 8.5
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requir…
High
CVSS: 8.5
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted DSB file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation re…
Critical
CVSS: 9.8
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizardSelectMode.
High
CVSS: 8.8
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content…
High
CVSS: 7.5
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. In 2026.01 and earlier, the default handler for the well_known_core resource coap_we…
Medium
CVSS: 6.9
R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. Attackers can inject a crafted payload through the Language for menus…
Medium
CVSS: 6.9
WinMPG iPod Convert 3.0 contains a buffer overflow vulnerability in the Register dialog that allows local attackers to crash the application by supplying an oversized payload. Attackers can paste a large string of characters into the User N…
High
CVSS: 8.7
GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. Attackers can craft malicious HTTP responses with ov…