Buffer Overflow

memory HIGH

A buffer overflow occurs when a program writes more data to a memory buffer than it was allocated to hold, causing the excess data to spill into adjacent memory regions.

How It Works

A buffer overflow occurs when a program writes more data to a memory buffer than it was allocated to hold, causing the excess data to spill into adjacent memory regions. This overwrites whatever data or code exists there, corrupting program state and potentially giving attackers control over execution flow.

Stack-based overflows are the most common variant. When a function allocates a fixed-size buffer on the stack and then copies user-controlled input without proper bounds checking, attackers can overflow past the buffer to overwrite the function's return address. When the function completes, instead of returning to legitimate code, execution jumps to attacker-specified memory containing malicious shellcode. Heap-based overflows work differently—they corrupt heap metadata like chunk size fields or free list pointers, leading to arbitrary memory writes when the allocator processes the corrupted structures.

Modern exploitation bypasses defensive mechanisms through techniques like Return-Oriented Programming (ROP), which chains together existing code snippets to avoid non-executable memory protections. Attackers may also use heap spraying to reliably position shellcode at predictable addresses, defeating address randomization.

Impact

  • Remote code execution — attacker gains ability to run arbitrary commands with the privileges of the vulnerable process
  • Privilege escalation — exploiting kernel or setuid program overflows to gain root/SYSTEM access
  • Denial of service — crashes and memory corruption that render systems unusable
  • Information disclosure — reading sensitive data from adjacent memory regions that should be inaccessible
  • Authentication bypass — overwriting security-critical variables like permission flags or user IDs

Real-World Examples

Fortinet FortiOS suffered a critical buffer overflow (CVE-2025-32756) that allowed unauthenticated remote attackers to execute code as root on firewalls and VPN gateways. Attackers actively exploited this to compromise enterprise network perimeters before patches were available.

The Slammer worm from 2003 exploited a stack overflow in Microsoft SQL Server, spreading to 75,000 hosts in ten minutes by sending a single malformed UDP packet that overwrote the return address with shellcode. No authentication was required.

OpenSSH historically contained a heap overflow in challenge-response authentication that allowed pre-authentication remote root compromise on Unix systems, demonstrating how memory corruption in privileged network services creates maximum impact scenarios.

Mitigation

  • Memory-safe languages — Rust, Go, and modern managed languages prevent buffer overflows by design through automatic bounds checking
  • Stack canaries — random values placed before return addresses that detect corruption before control transfer
  • Address Space Layout Randomization (ASLR) — randomizes memory locations making exploitation less reliable
  • Data Execution Prevention (DEP/NX) — marks memory regions as non-executable, preventing direct shellcode execution
  • Bounds checking — validate input sizes before copying, use safe functions like strncpy instead of strcpy
  • Fuzzing and static analysis — automated testing to discover overflows before deployment

Recent CVEs (5255)

CVE-2025-36461
EPSS 0% CVSS 7.3
HIGH This Month

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Dell Buffer Overflow Broadcom
NVD
CVE-2025-36460
EPSS 0% CVSS 7.3
HIGH This Month

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Dell Buffer Overflow Broadcom
NVD
CVE-2025-32089
EPSS 0% CVSS 8.8
HIGH This Month

A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Buffer Overflow RCE
NVD
CVE-2025-13305
EPSS 0% CVSS 7.4
HIGH POC This Month

A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dir 825M Firmware +4
NVD GitHub VulDB
CVE-2025-13304
EPSS 0% CVSS 7.4
HIGH POC This Month

A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dir 825M Firmware +4
NVD GitHub VulDB
CVE-2025-13288
EPSS 0% CVSS 7.4
HIGH POC This Month

A security vulnerability has been detected in Tenda CH22 1.0.0.1. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ch22 Firmware
NVD GitHub VulDB
CVE-2025-40936
EPSS 0% CVSS 7.3
HIGH This Month

A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V29.0.258), Solid Edge (All versions < V226.00 Update 03). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure
NVD
CVE-2025-13258
EPSS 0% CVSS 7.4
HIGH POC This Month

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac20 Firmware
NVD GitHub VulDB
CVE-2025-13191
EPSS 0% CVSS 7.4
HIGH POC This Month

A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta.cgi. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dir 816L Firmware
NVD GitHub VulDB
CVE-2025-13190
EPSS 0% CVSS 7.4
HIGH POC This Month

A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dir 816L Firmware
NVD GitHub VulDB
CVE-2025-13189
EPSS 0% CVSS 7.4
HIGH POC This Month

A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dir 816L Firmware
NVD GitHub VulDB
CVE-2025-13188
EPSS 0% CVSS 8.9
HIGH POC This Week

A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dir 816L Firmware
NVD GitHub VulDB
CVE-2025-63701
EPSS 0% CVSS 6.8
MEDIUM POC This Week

A heap corruption vulnerability exists in the Advantech TP-3250 printer driver's DrvUI_x64_ADVANTECH.dll (v0.3.9200.20789) when DocumentPropertiesW() is called with a valid dmDriverExtra value but an. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow RCE +2
NVD
CVE-2025-11918
EPSS 0% CVSS 7.1
HIGH This Month

Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required. No vendor patch available.

Stack Overflow Rockwell Buffer Overflow +2
NVD
CVE-2025-9479
EPSS 0% CVSS 4.3
MEDIUM POC Monitor

Out of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Buffer Overflow Information Disclosure +3
NVD
CVE-2024-11920
EPSS 0% CVSS 4.3
MEDIUM POC Monitor

Inappropriate implementation in Dawn in Google Chrome on Mac prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Buffer Overflow Information Disclosure +1
NVD
CVE-2025-60699
EPSS 2% CVSS 6.5
MEDIUM POC This Week

A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `global.so` binary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +2
NVD GitHub
CVE-2025-60679
EPSS 0% CVSS 8.8
HIGH POC This Week

A stack buffer overflow vulnerability exists in the D-Link DIR-816A2 router firmware DIR-816A2_FWv1.10CNB05_R1B011D88210.img in the upload.cgi module, which handles firmware version information. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +2
NVD GitHub
CVE-2025-60674
EPSS 0% CVSS 6.8
MEDIUM POC This Week

A stack buffer overflow vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin in the rc binary's USB storage handling module. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +2
NVD GitHub
CVE-2025-60693
EPSS 3% CVSS 6.5
MEDIUM POC This Week

A stack-based buffer overflow exists in the get_merge_mac function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Linksys +3
NVD GitHub
CVE-2025-60696
EPSS 0% CVSS 8.4
HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the makeRequest.cgi binary of Linksys RE7000 routers (Firmware FW_v2.0.15_211230_1012). Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Linksys +3
NVD GitHub
CVE-2025-60695
EPSS 0% CVSS 5.9
MEDIUM POC This Month

A stack-based buffer overflow vulnerability exists in the mtk_dut binary of Linksys E7350 routers (Firmware 1.1.00.032). Rated medium severity (CVSS 5.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Linksys +3
NVD GitHub
CVE-2025-60694
EPSS 5% CVSS 7.5
HIGH POC This Month

A stack-based buffer overflow exists in the validate_static_route function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Linksys +3
NVD GitHub
CVE-2025-60692
EPSS 0% CVSS 8.4
HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the libshared.so library of Cisco Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Linksys +4
NVD GitHub
CVE-2025-60691
EPSS 1% CVSS 8.8
HIGH POC This Week

A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Linksys +3
NVD GitHub
CVE-2025-60690
EPSS 1% CVSS 8.8
HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the Linksys E1200 v2 router firmware that allows remote attackers to execute arbitrary code or cause denial of service without authentication. The vulnerability occurs in the httpd binary's get_merge_ipaddr function, which improperly concatenates user-supplied CGI parameters into a fixed-size buffer without bounds checking. With publicly available proof-of-concept exploits and an EPSS score of 0.57% (68th percentile), this represents a moderate exploitation risk for affected devices.

Linksys RCE Denial Of Service +2
NVD GitHub VulDB
CVE-2025-60688
EPSS 0% CVSS 6.5
MEDIUM POC This Week

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (setDefResponse. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +3
NVD GitHub
CVE-2025-60686
EPSS 0% CVSS 5.1
MEDIUM POC This Month

A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers (A720R V4.1.5cu.614_B20230630, LR1200GB V9.1.0u.6619_B20230130, and NR1800X. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Denial Of Service Buffer Overflow +5
NVD GitHub
CVE-2025-60685
EPSS 0% CVSS 5.1
MEDIUM POC This Month

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary (sub_401EE0 function). Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +2
NVD GitHub
CVE-2025-60684
EPSS 0% CVSS 6.5
MEDIUM POC This Week

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (sub_42F32C. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +3
NVD GitHub
CVE-2025-13120
EPSS 0% CVSS 4.8
MEDIUM PATCH Monitor

A vulnerability has been found in mruby up to 3.4.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Mruby +1
NVD GitHub VulDB
CVE-2025-12818
EPSS 0% CVSS 5.9
MEDIUM POC PATCH This Month

Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow Buffer Overflow PostgreSQL +2
NVD GitHub
CVE-2025-7704
EPSS 0% CVSS 5.4
MEDIUM This Month

Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow
NVD
CVE-2025-64503
EPSS 0% CVSS 4.0
MEDIUM POC PATCH Monitor

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Apple Buffer Overflow +5
NVD GitHub
CVE-2025-40205
EPSS 0%
PATCH

In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfs_encode_fh() The function btrfs_encode_fh() does not properly account for the three.

Linux Buffer Overflow Linux Kernel
NVD
CVE-2025-40180
EPSS 0%
PATCH

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop The cleanup loop was starting at the wrong array index,.

Linux Buffer Overflow Linux Kernel
NVD
CVE-2025-63927
EPSS 0% CVSS 4.0
MEDIUM POC Monitor

A heap-use-after-free vulnerability exists in airpig2011 IEC104 thru Commit be6d841 (2019-07-08). Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Iec104
NVD GitHub
CVE-2025-63679
EPSS 0% CVSS 7.5
HIGH POC This Month

free5gc v4.1.0 and before is vulnerable to Buffer Overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Free5gc
NVD GitHub
CVE-2025-57812
EPSS 0% CVSS 3.7
LOW POC PATCH Monitor

CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format. Rated low severity (CVSS 3.7). Public exploit code available.

Buffer Overflow Information Disclosure Cups Filters +1
NVD GitHub
CVE-2025-65001
EPSS 0% CVSS 8.2
HIGH This Month

Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow
NVD
CVE-2025-13042
EPSS 0% CVSS 8.8
HIGH PATCH This Month

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.166 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Buffer Overflow +3
NVD
CVE-2025-11795
EPSS 0% CVSS 7.8
HIGH This Month

A maliciously crafted JPG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-40159
EPSS 0%
PATCH

In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdp_desc validation Turned out certain clearly invalid values passed in xdp_desc from userspace can.

Linux Buffer Overflow Linux Kernel
NVD
CVE-2025-40157
EPSS 0%

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nm_edac driver on some Intel Granite Rapids. No vendor patch available.

Intel Linux Buffer Overflow +1
NVD
CVE-2025-40118
EPSS 0%
PATCH

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 ("scsi: pm80xx: Set phy_attached to zero when.

Linux Buffer Overflow Linux Kernel
NVD
CVE-2025-64406
EPSS 0% CVSS 4.3
MEDIUM Monitor

An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas.1.15. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apache +1
NVD
CVE-2025-43205
EPSS 0% CVSS 4.0
MEDIUM This Month

An out-of-bounds access issue was addressed with improved bounds checking. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Information Disclosure
NVD
CVE-2025-61833
EPSS 0% CVSS 7.8
HIGH This Month

Substance3D - Stager versions 3.1.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Substance 3d Stager
NVD
CVE-2025-40815
EPSS 0% CVSS 8.6
HIGH This Month

A vulnerability has been identified in LOGO!. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow
NVD
CVE-2025-61845
EPSS 0% CVSS 5.5
MEDIUM This Month

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Format Plugins
NVD
CVE-2025-61844
EPSS 0% CVSS 5.5
MEDIUM This Month

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Format Plugins
NVD
CVE-2025-61843
EPSS 0% CVSS 5.5
MEDIUM This Month

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Format Plugins
NVD
CVE-2025-61841
EPSS 0% CVSS 5.5
MEDIUM This Month

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Format Plugins
NVD
CVE-2025-61840
EPSS 0% CVSS 5.5
MEDIUM This Month

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Format Plugins
NVD
CVE-2025-61839
EPSS 0% CVSS 7.8
HIGH This Month

Format Plugins versions 1.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Format Plugins
NVD
CVE-2025-61838
EPSS 0% CVSS 7.8
HIGH This Month

Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
CVE-2025-61837
EPSS 0% CVSS 7.8
HIGH This Month

Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
CVE-2025-62452
EPSS 0% CVSS 8.0
HIGH This Month

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +15
NVD
CVE-2025-62220
EPSS 0% CVSS 8.8
HIGH This Month

Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +2
NVD
CVE-2025-62202
EPSS 0% CVSS 7.1
HIGH This Month

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Information Disclosure +5
NVD
CVE-2025-62201
EPSS 0% CVSS 7.8
HIGH This Month

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +5
NVD
CVE-2025-61831
EPSS 0% CVSS 7.8
HIGH This Month

Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-61829
EPSS 0% CVSS 7.8
HIGH This Month

Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
CVE-2025-61828
EPSS 0% CVSS 7.8
HIGH This Month

Illustrator on iPad versions 3.0.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-61827
EPSS 0% CVSS 7.8
HIGH This Month

Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
CVE-2025-61820
EPSS 0% CVSS 7.8
HIGH This Month

Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
CVE-2025-61819
EPSS 0% CVSS 7.8
HIGH This Month

Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
CVE-2025-60728
EPSS 0% CVSS 4.3
MEDIUM Monitor

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Information Disclosure +2
NVD
CVE-2025-60727
EPSS 0% CVSS 7.8
HIGH This Month

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Information Disclosure +5
NVD
CVE-2025-60726
EPSS 0% CVSS 7.1
HIGH This Month

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Information Disclosure +5
NVD
CVE-2025-60724
EPSS 0% CVSS 9.8
CRITICAL This Week

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +16
NVD
CVE-2025-60720
EPSS 0% CVSS 7.8
HIGH This Month

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 10 1607 +14
NVD
CVE-2025-60715
EPSS 0% CVSS 8.0
HIGH This Month

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +15
NVD
CVE-2025-60714
EPSS 0% CVSS 7.8
HIGH This Month

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +12
NVD
CVE-2025-60709
EPSS 0% CVSS 7.8
HIGH This Month

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Information Disclosure +15
NVD
CVE-2025-60706
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Information Disclosure +13
NVD
CVE-2025-59513
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Information Disclosure +14
NVD
CVE-2025-59504
EPSS 0% CVSS 7.3
HIGH This Month

Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +1
NVD
CVE-2025-61832
EPSS 0% CVSS 7.8
HIGH This Month

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
CVE-2025-61824
EPSS 0% CVSS 7.8
HIGH This Month

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
CVE-2025-61816
EPSS 0% CVSS 7.8
HIGH This Month

InCopy versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
CVE-2025-35971
EPSS 0% CVSS 8.3
HIGH This Month

Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Intel Microsoft +3
NVD
CVE-2025-35967
EPSS 0% CVSS 7.0
HIGH This Month

Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Rated high severity (CVSS 7.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Intel +3
NVD
CVE-2025-33202
EPSS 0% CVSS 6.5
MEDIUM This Month

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Microsoft +4
NVD
CVE-2025-33029
EPSS 0% CVSS 8.3
HIGH This Month

Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Intel Microsoft +3
NVD
CVE-2025-32732
EPSS 0% CVSS 5.8
MEDIUM This Month

Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow +3
NVD
CVE-2025-31937
EPSS 0% CVSS 5.7
MEDIUM This Month

Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 5.7). No vendor patch available.

Buffer Overflow Information Disclosure Intel +4
NVD
CVE-2025-30255
EPSS 0% CVSS 8.3
HIGH This Month

Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Intel Microsoft +3
NVD
CVE-2025-27713
EPSS 0% CVSS 7.3
HIGH This Month

Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. Rated high severity (CVSS 7.3). No vendor patch available.

Buffer Overflow Intel Microsoft +4
NVD
CVE-2025-24519
EPSS 0% CVSS 6.8
MEDIUM This Month

Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Microsoft +3
NVD
Prev Page 20 of 59 Next

Quick Facts

Typical Severity
HIGH
Category
memory
Total CVEs
5255

Related CWEs

MITRE ATT&CK

References

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy