Total
13848 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20403 | 1 Mediatek | 46 Mt2735, Mt2737, Mt6813 and 43 more | 2026-02-17 | 6.5 Medium |
| In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689254 (Note: For N15 and NR16) / MOLY01689259 (Note: For NR17 and NR17R); Issue ID: MSV-4843. | ||||
| CVE-2026-20402 | 1 Mediatek | 20 Mt2735, Mt6833, Mt6853 and 17 more | 2026-02-17 | 6.5 Medium |
| In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00693083; Issue ID: MSV-5928. | ||||
| CVE-2025-20751 | 1 Mediatek | 27 Modem, Mt2735, Mt6833 and 24 more | 2026-02-17 | 6.5 Medium |
| In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661195; Issue ID: MSV-4297. | ||||
| CVE-2025-20634 | 1 Mediatek | 32 Mt2737, Mt6813, Mt6835 and 29 more | 2026-02-17 | 8.8 High |
| In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436. | ||||
| CVE-2024-20154 | 1 Mediatek | 56 Lr12a, Lr13, Mt2735 and 53 more | 2026-02-17 | 8.8 High |
| In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392. | ||||
| CVE-2025-48518 | 1 Amd | 9 Radeon Pro V710, Radeon Pro W7000 Series, Radeon Rx 7000 Series and 6 more | 2026-02-13 | N/A |
| Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service. | ||||
| CVE-2026-25990 | 2 Python, Python-pillow | 2 Pillow, Pillow | 2026-02-13 | 7.5 High |
| Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1. | ||||
| CVE-2023-4911 | 6 Canonical, Debian, Fedoraproject and 3 more | 43 Ubuntu Linux, Debian Linux, Fedora and 40 more | 2026-02-13 | 7.8 High |
| A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | ||||
| CVE-2022-45188 | 3 Debian, Fedoraproject, Netatalk | 3 Debian Linux, Fedora, Netatalk | 2026-02-13 | 7.8 High |
| Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS). | ||||
| CVE-2018-1160 | 3 Debian, Netatalk, Synology | 7 Debian Linux, Netatalk, Diskstation Manager and 4 more | 2026-02-13 | 9.8 Critical |
| Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. | ||||
| CVE-2025-27487 | 1 Microsoft | 27 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 24 more | 2026-02-13 | 8 High |
| Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-27477 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-24063 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7.8 High |
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-30376 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-13 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-29979 | 1 Microsoft | 11 365 Apps, Excel, Office and 8 more | 2026-02-13 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-29967 | 1 Microsoft | 25 Remote Desktop, Windows 10 1507, Windows 10 1607 and 22 more | 2026-02-13 | 8.8 High |
| Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-29966 | 1 Microsoft | 26 Remote Desktop, Windows 10 1507, Windows 10 1607 and 23 more | 2026-02-13 | 8.8 High |
| Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2023-53554 | 1 Linux | 1 Linux Kernel | 2026-02-12 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user. If it's over IW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption. | ||||
| CVE-2025-57709 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-12 | 8.1 High |
| A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-29949 | 1 Amd | 17 Ryzen 5000 Series Desktop Processors, Ryzen 5000 Series Desktop Processors With Radeon Graphics, Ryzen 5000 Series Mobile Processors With Radeon Graphics and 14 more | 2026-02-12 | N/A |
| Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service. | ||||