Export limit exceeded: 364170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 46053 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46053 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-70083 1 Opensatkit 1 Opensatkit 2026-02-17 7.8 High
An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as untrusted input. The program copies DirName into the local buffer DirWithSep using strcpy. The size of this buffer is OS_MAX_PATH_LEN. If the length of DirName is greater than or equal to OS_MAX_PATH_LEN, a stack buffer overflow occurs, overwriting adjacent stack memory. The path length check (FileUtil_AppendPathSep) is performed after the strcpy operation, meaning the validation occurs too late and cannot prevent the overflow.
CVE-2025-70085 1 Opensatkit 1 Opensatkit 2026-02-17 9.8 Critical
An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames (Source1Filename and the string returned by FileUtil_FileStateStr) into this buffer without any length checking and without using bounded format specifiers such as %.*s. If the filename length approaches OS_MAX_PATH_LEN (commonly 64-256 bytes), the combined formatted string together with constant text can exceed 256 bytes, resulting in a stack buffer overflow. Such unsafe sprintf calls are scattered across multiple functions in file.c, including FILE_ConcatenateCmd() and ConcatenateFiles(), all of which fail to validate the output length.
CVE-2026-2574 1 Gnome 1 Glib-networking 2026-02-17 5.4 Medium
A flaw was found in glib-networking. A malicious Transport Layer Security (TLS) server can exploit an out-of-bounds read and invalid free vulnerability when a client using the OpenSSL backend connects. By advertising a specially crafted client-CA list, the server can trigger an issue where memory is accessed outside of its allocated buffer and subsequently freed incorrectly. This can lead to a denial-of-service and potentially disclose limited heap memory.
CVE-2021-35942 4 Debian, Gnu, Netapp and 1 more 8 Debian Linux, Glibc, Active Iq Unified Manager and 5 more 2026-02-13 9.1 Critical
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.
CVE-2025-62453 2 Github, Microsoft 2 Copilot, Visual Studio Code 2026-02-13 5 Medium
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.
CVE-2025-62202 1 Microsoft 13 365, 365 Apps, Excel and 10 more 2026-02-13 7.1 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2025-60728 1 Microsoft 8 365, 365 Apps, Office and 5 more 2026-02-13 4.3 Medium
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CVE-2025-60726 1 Microsoft 13 365, 365 Apps, Excel and 10 more 2026-02-13 7.1 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2025-60706 1 Microsoft 23 Hyper-v, Windows, Windows 10 and 20 more 2026-02-13 5.5 Medium
Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally.
CVE-2025-59513 1 Microsoft 25 Windows, Windows 10, Windows 10 1607 and 22 more 2026-02-13 5.5 Medium
Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.
CVE-2025-63653 2 Monkey, Monkey-project 2 Monkey, Monkey 2026-02-13 7.5 High
An out-of-bounds read in the mk_vhost_fdt_close function (mk_server/mk_vhost.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
CVE-2025-63656 2 Monkey, Monkey-project 2 Monkey, Monkey 2026-02-13 7.5 High
An out-of-bounds read in the header_cmp function (mk_server/mk_http_parser.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
CVE-2025-63657 2 Monkey, Monkey-project 2 Monkey, Monkey 2026-02-13 7.5 High
An out-of-bounds read in the mk_mimetype_find function (mk_server/mk_mimetype.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
CVE-2025-63658 2 Monkey, Monkey-project 2 Monkey, Monkey 2026-02-13 7.5 High
A stack overflow in the mk_http_index_lookup function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
CVE-2025-69516 1 Amidaware 1 Tactical Rmm 2026-02-13 8.8 High
A Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the server. This occurs due to improper sanitization of the template_md parameter, enabling direct injection of Jinja2 templates. This occurs due to misuse of the generate_html() function, the user-controlled value is inserted into `env.from_string`, a function that processes Jinja2 templates arbitrarily, making an SSTI possible.
CVE-2022-45188 3 Debian, Fedoraproject, Netatalk 3 Debian Linux, Fedora, Netatalk 2026-02-13 7.8 High
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
CVE-2022-35737 4 Netapp, Redhat, Splunk and 1 more 5 Ontap Select Deploy Administration Utility, Enterprise Linux, Rhel Eus and 2 more 2026-02-13 7.5 High
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
CVE-2020-6096 3 Debian, Fedoraproject, Gnu 3 Debian Linux, Fedora, Glibc 2026-02-13 8.1 High
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
CVE-2025-21245 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21409 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability