Total
2246 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24993 | 2025-03-12 | 7.8 High | ||
| Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-2019 | 2025-03-11 | N/A | ||
| Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25252. | ||||
| CVE-2025-27173 | 2025-03-11 | 7.8 High | ||
| Substance3D - Modeler versions 1.15.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-24057 | 2025-03-11 | 7.8 High | ||
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-21180 | 2025-03-11 | 7.8 High | ||
| Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24995 | 2025-03-11 | 7.8 High | ||
| Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24048 | 2025-03-11 | 7.8 High | ||
| Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24050 | 2025-03-11 | 7.8 High | ||
| Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24051 | 2025-03-11 | 8.8 High | ||
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-24056 | 2025-03-11 | 8.8 High | ||
| Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-24066 | 2025-03-11 | 7.8 High | ||
| Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24067 | 2025-03-11 | 7.8 High | ||
| Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27171 | 2025-03-11 | 7.8 High | ||
| InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-24443 | 2025-03-11 | 7.8 High | ||
| Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49138 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-11 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-49081 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-03-11 | 6.6 Medium |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | ||||
| CVE-2024-49080 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-11 | 8.8 High |
| Windows IP Routing Management Snapin Remote Code Execution Vulnerability | ||||
| CVE-2024-49072 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-11 | 7.8 High |
| Windows Task Scheduler Elevation of Privilege Vulnerability | ||||
| CVE-2024-49125 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-03-11 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-49104 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-11 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||