Search Results (46052 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-70085 1 Opensatkit 1 Opensatkit 2026-02-17 9.8 Critical
An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames (Source1Filename and the string returned by FileUtil_FileStateStr) into this buffer without any length checking and without using bounded format specifiers such as %.*s. If the filename length approaches OS_MAX_PATH_LEN (commonly 64-256 bytes), the combined formatted string together with constant text can exceed 256 bytes, resulting in a stack buffer overflow. Such unsafe sprintf calls are scattered across multiple functions in file.c, including FILE_ConcatenateCmd() and ConcatenateFiles(), all of which fail to validate the output length.
CVE-2026-2574 1 Gnome 1 Glib-networking 2026-02-17 5.4 Medium
A flaw was found in glib-networking. A malicious Transport Layer Security (TLS) server can exploit an out-of-bounds read and invalid free vulnerability when a client using the OpenSSL backend connects. By advertising a specially crafted client-CA list, the server can trigger an issue where memory is accessed outside of its allocated buffer and subsequently freed incorrectly. This can lead to a denial-of-service and potentially disclose limited heap memory.
CVE-2021-35942 4 Debian, Gnu, Netapp and 1 more 8 Debian Linux, Glibc, Active Iq Unified Manager and 5 more 2026-02-13 9.1 Critical
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.
CVE-2025-62453 2 Github, Microsoft 2 Copilot, Visual Studio Code 2026-02-13 5 Medium
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.
CVE-2025-62202 1 Microsoft 13 365, 365 Apps, Excel and 10 more 2026-02-13 7.1 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2025-60728 1 Microsoft 8 365, 365 Apps, Office and 5 more 2026-02-13 4.3 Medium
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CVE-2025-60726 1 Microsoft 13 365, 365 Apps, Excel and 10 more 2026-02-13 7.1 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2025-60706 1 Microsoft 23 Hyper-v, Windows, Windows 10 and 20 more 2026-02-13 5.5 Medium
Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally.
CVE-2025-59513 1 Microsoft 25 Windows, Windows 10, Windows 10 1607 and 22 more 2026-02-13 5.5 Medium
Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.
CVE-2025-63653 2 Monkey, Monkey-project 2 Monkey, Monkey 2026-02-13 7.5 High
An out-of-bounds read in the mk_vhost_fdt_close function (mk_server/mk_vhost.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
CVE-2025-63656 2 Monkey, Monkey-project 2 Monkey, Monkey 2026-02-13 7.5 High
An out-of-bounds read in the header_cmp function (mk_server/mk_http_parser.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
CVE-2025-63657 2 Monkey, Monkey-project 2 Monkey, Monkey 2026-02-13 7.5 High
An out-of-bounds read in the mk_mimetype_find function (mk_server/mk_mimetype.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
CVE-2025-63658 2 Monkey, Monkey-project 2 Monkey, Monkey 2026-02-13 7.5 High
A stack overflow in the mk_http_index_lookup function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
CVE-2025-69516 1 Amidaware 1 Tactical Rmm 2026-02-13 8.8 High
A Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the server. This occurs due to improper sanitization of the template_md parameter, enabling direct injection of Jinja2 templates. This occurs due to misuse of the generate_html() function, the user-controlled value is inserted into `env.from_string`, a function that processes Jinja2 templates arbitrarily, making an SSTI possible.
CVE-2022-45188 3 Debian, Fedoraproject, Netatalk 3 Debian Linux, Fedora, Netatalk 2026-02-13 7.8 High
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
CVE-2022-35737 4 Netapp, Redhat, Splunk and 1 more 5 Ontap Select Deploy Administration Utility, Enterprise Linux, Rhel Eus and 2 more 2026-02-13 7.5 High
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
CVE-2020-6096 3 Debian, Fedoraproject, Gnu 3 Debian Linux, Fedora, Glibc 2026-02-13 8.1 High
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
CVE-2025-21245 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21409 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21223 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability