Search Results (4881 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-47351 1 Qualcomm 57 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 54 more 2026-02-26 7.8 High
Memory corruption while processing user buffers.
CVE-2025-20710 2 Mediatek, Openwrt 7 Mt6890, Mt7915, Mt7916 and 4 more 2026-02-26 8.8 High
In wlan AP driver, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418785; Issue ID: MSV-3515.
CVE-2025-47365 1 Qualcomm 71 Qam8255p, Qam8255p Firmware, Qam8295p and 68 more 2026-02-26 7.8 High
Memory corruption while processing large input data from a remote source via a communication interface.
CVE-2025-58715 1 Microsoft 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more 2026-02-26 8.8 High
Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
CVE-2025-59242 1 Microsoft 26 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 23 more 2026-02-26 7.8 High
Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2025-61800 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2026-02-26 7.8 High
Dimension versions 4.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61807 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-02-26 7.8 High
Substance3D - Stager versions 3.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61803 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-02-26 7.8 High
Substance3D - Stager versions 3.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-3500 2 Avast, Microsoft 2 Antivirus, Windows 2026-02-26 9 Critical
Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981.6 before 25.3.
CVE-2025-61836 1 Adobe 1 Illustrator On Ipad 2026-02-26 7.8 High
Illustrator on iPad versions 3.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61826 1 Adobe 1 Illustrator On Ipad 2026-02-26 7.8 High
Illustrator on iPad versions 3.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-61835 3 Adobe, Apple, Microsoft 3 Substance 3d Stager, Macos, Windows 2026-02-26 7.8 High
Substance3D - Stager versions 3.1.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-48637 1 Google 1 Android 2026-02-26 7.8 High
In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-10923 1 Gimp 1 Gimp 2026-02-26 7.8 High
GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WBMP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27878.
CVE-2025-10924 1 Gimp 1 Gimp 2026-02-26 7.8 High
GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FF files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27836.
CVE-2025-36936 1 Google 1 Android 2026-02-26 7.8 High
In GetTachyonCommand of tachyon_server_common.h, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-14422 1 Gimp 1 Gimp 2026-02-26 7.8 High
GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNM files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28273.
CVE-2025-47363 1 Qualcomm 71 Qam8255p, Qam8255p Firmware, Qam8295p and 68 more 2026-02-26 6.8 Medium
Memory corruption when calculating oversized partition sizes without proper checks.
CVE-2025-47364 1 Qualcomm 71 Qam8255p, Qam8255p Firmware, Qam8295p and 68 more 2026-02-26 6.8 Medium
Memory corruption while calculating offset from partition start point.
CVE-2023-43826 1 Apache 1 Guacamole 2026-02-25 0 Low
Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.5.4, which fixes this issue.