Buffer Overflow

memory HIGH

A buffer overflow occurs when a program writes more data to a memory buffer than it was allocated to hold, causing the excess data to spill into adjacent memory regions.

How It Works

A buffer overflow occurs when a program writes more data to a memory buffer than it was allocated to hold, causing the excess data to spill into adjacent memory regions. This overwrites whatever data or code exists there, corrupting program state and potentially giving attackers control over execution flow.

Stack-based overflows are the most common variant. When a function allocates a fixed-size buffer on the stack and then copies user-controlled input without proper bounds checking, attackers can overflow past the buffer to overwrite the function's return address. When the function completes, instead of returning to legitimate code, execution jumps to attacker-specified memory containing malicious shellcode. Heap-based overflows work differently—they corrupt heap metadata like chunk size fields or free list pointers, leading to arbitrary memory writes when the allocator processes the corrupted structures.

Modern exploitation bypasses defensive mechanisms through techniques like Return-Oriented Programming (ROP), which chains together existing code snippets to avoid non-executable memory protections. Attackers may also use heap spraying to reliably position shellcode at predictable addresses, defeating address randomization.

Impact

  • Remote code execution — attacker gains ability to run arbitrary commands with the privileges of the vulnerable process
  • Privilege escalation — exploiting kernel or setuid program overflows to gain root/SYSTEM access
  • Denial of service — crashes and memory corruption that render systems unusable
  • Information disclosure — reading sensitive data from adjacent memory regions that should be inaccessible
  • Authentication bypass — overwriting security-critical variables like permission flags or user IDs

Real-World Examples

Fortinet FortiOS suffered a critical buffer overflow (CVE-2025-32756) that allowed unauthenticated remote attackers to execute code as root on firewalls and VPN gateways. Attackers actively exploited this to compromise enterprise network perimeters before patches were available.

The Slammer worm from 2003 exploited a stack overflow in Microsoft SQL Server, spreading to 75,000 hosts in ten minutes by sending a single malformed UDP packet that overwrote the return address with shellcode. No authentication was required.

OpenSSH historically contained a heap overflow in challenge-response authentication that allowed pre-authentication remote root compromise on Unix systems, demonstrating how memory corruption in privileged network services creates maximum impact scenarios.

Mitigation

  • Memory-safe languages — Rust, Go, and modern managed languages prevent buffer overflows by design through automatic bounds checking
  • Stack canaries — random values placed before return addresses that detect corruption before control transfer
  • Address Space Layout Randomization (ASLR) — randomizes memory locations making exploitation less reliable
  • Data Execution Prevention (DEP/NX) — marks memory regions as non-executable, preventing direct shellcode execution
  • Bounds checking — validate input sizes before copying, use safe functions like strncpy instead of strcpy
  • Fuzzing and static analysis — automated testing to discover overflows before deployment

Recent CVEs (5402)

CVE-2025-4790
EPSS 0% CVSS 6.9
MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Freefloat Ftp Server
NVD VulDB
CVE-2025-4789
EPSS 0% CVSS 6.9
MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Freefloat Ftp Server
NVD VulDB
CVE-2025-4788
EPSS 0% CVSS 6.9
MEDIUM POC This Month

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Freefloat Ftp Server
NVD VulDB
CVE-2025-40906
EPSS 1% CVSS 9.8
CRITICAL This Week

BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow
NVD
CVE-2025-40907
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Fcgi +2
NVD GitHub
CVE-2025-48175
EPSS 0% CVSS 4.5
MEDIUM POC PATCH Monitor

In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. Rated medium severity (CVSS 4.5), this vulnerability is no authentication required. Public exploit code available.

Integer Overflow Buffer Overflow Libavif +1
NVD GitHub
CVE-2025-48174
EPSS 0% CVSS 4.5
MEDIUM PATCH Monitor

In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size. Rated medium severity (CVSS 4.5), this vulnerability is no authentication required.

Integer Overflow Buffer Overflow Libavif +1
NVD GitHub
CVE-2025-4733
EPSS 1% CVSS 8.7
HIGH This Month

A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow A3002r Firmware A3002ru Firmware +1
NVD GitHub VulDB
CVE-2025-4732
EPSS 1% CVSS 8.7
HIGH This Month

A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow A3002r Firmware A3002ru Firmware +1
NVD GitHub VulDB
CVE-2025-4731
EPSS 1% CVSS 8.7
HIGH This Month

A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow A3002r Firmware A3002ru Firmware +1
NVD GitHub VulDB
CVE-2025-4730
EPSS 1% CVSS 8.7
HIGH This Month

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow A3002r Firmware A3002ru Firmware +1
NVD GitHub VulDB
CVE-2025-30421
EPSS 0% CVSS 8.5
HIGH This Month

There is a memory corruption vulnerability due to a stack-based buffer overflow in DrObjectStorage::XML_Serialize() when using the SymbolEditor in NI Circuit Design Suite. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow RCE +2
NVD
CVE-2025-30420
EPSS 0% CVSS 8.5
HIGH This Month

There is a memory corruption vulnerability due to an out of bounds read in Bitmap::InternalDraw() when using the SymbolEditor in NI Circuit Design Suite. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow RCE +1
NVD
CVE-2025-30419
EPSS 0% CVSS 8.5
HIGH This Week

There is a memory corruption vulnerability due to an out of bounds read in GetSymbolBorderRectSize() when using the SymbolEditor in NI Circuit Design Suite. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow RCE +1
NVD
CVE-2025-30418
EPSS 0% CVSS 8.5
HIGH This Week

There is a memory corruption vulnerability due to an out of bounds write in CheckPins() when using the SymbolEditor in NI Circuit Design Suite. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Buffer Overflow +2
NVD
CVE-2025-30417
EPSS 0% CVSS 8.5
HIGH This Week

There is a memory corruption vulnerability due to an out of bounds write in Library!DecodeBase64() when using the SymbolEditor in NI Circuit Design Suite. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Buffer Overflow +2
NVD
CVE-2024-52879
EPSS 0% CVSS 7.5
HIGH This Month

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Insydeh2o
NVD
CVE-2024-52878
EPSS 0% CVSS 7.5
HIGH This Month

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Insydeh2o
NVD
CVE-2024-52877
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Insydeh2o
NVD
CVE-2025-44879
EPSS 1% CVSS 7.5
HIGH This Month

WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service
NVD
CVE-2025-27891
EPSS 0% CVSS 9.1
CRITICAL This Week

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300,. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +17
NVD
CVE-2024-56427
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +18
NVD
CVE-2024-55569
EPSS 0% CVSS 7.5
HIGH This Month

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Samsung +17
NVD
CVE-2025-4640
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Buffer Overflow
NVD GitHub
CVE-2025-2900
EPSS 0% CVSS 7.5
HIGH PATCH This Week

IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow IBM +3
NVD
CVE-2025-4638
EPSS 0% CVSS 9.2
CRITICAL PATCH This Week

A vulnerability exists in the inftrees.c component of the zlib library, which is bundled within the PointCloudLibrary (PCL). Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Point Cloud Library Redhat +1
NVD GitHub
CVE-2025-46785
EPSS 0% CVSS 6.5
MEDIUM This Month

Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Denial Of Service +6
NVD
CVE-2025-26785
EPSS 0% CVSS 7.5
HIGH This Month

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Samsung +17
NVD
CVE-2025-26784
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Samsung +17
NVD
CVE-2025-47436
EPSS 0% CVSS 6.0
MEDIUM This Month

Heap-based Buffer Overflow vulnerability in Apache ORC. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Apache +1
NVD
CVE-2025-43572
EPSS 0% CVSS 7.8
HIGH This Week

Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-43569
EPSS 0% CVSS 7.8
HIGH This Month

Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-43554
EPSS 0% CVSS 7.8
HIGH This Week

Substance3D - Modeler versions 1.21.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-43551
EPSS 0% CVSS 5.5
MEDIUM This Month

Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Substance 3d Stager
NVD
CVE-2025-43548
EPSS 0% CVSS 7.8
HIGH This Week

Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-20618
EPSS 0% CVSS 8.3
HIGH This Week

Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Intel Buffer Overflow +4
NVD
CVE-2025-20101
EPSS 0% CVSS 6.9
MEDIUM This Month

Out-of-bounds read for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable information disclosure or denial of service via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Buffer Overflow +1
NVD
CVE-2025-20026
EPSS 0% CVSS 7.0
HIGH This Week

Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Intel Buffer Overflow +4
NVD
CVE-2024-36292
EPSS 0% CVSS 8.2
HIGH This Week

Improper buffer restrictions for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Intel Buffer Overflow +2
NVD
CVE-2024-31150
EPSS 0% CVSS 4.8
MEDIUM This Month

Out-of-bounds read for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Buffer Overflow
NVD
CVE-2024-29222
EPSS 0% CVSS 5.8
MEDIUM This Month

Out-of-bounds write for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Intel +1
NVD
CVE-2025-45863
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A3002r Firmware TOTOLINK
NVD GitHub
CVE-2025-45865
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the dnsaddr parameter in the formDhcpv6s interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A3002r Firmware TOTOLINK
NVD GitHub
CVE-2025-45861
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A3002r Firmware TOTOLINK
NVD GitHub
CVE-2025-30330
EPSS 0% CVSS 7.8
HIGH This Week

Illustrator versions 29.3, 28.7.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
CVE-2025-30328
EPSS 0% CVSS 7.8
HIGH This Week

Animate versions 24.0.8, 23.0.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-30322
EPSS 0% CVSS 7.8
HIGH This Week

Substance3D - Painter versions 11.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-27197
EPSS 0% CVSS 7.8
HIGH This Week

Lightroom Desktop versions 8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-32707
EPSS 1% CVSS 7.8
HIGH This Week

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +8
NVD
CVE-2025-32705
EPSS 1% CVSS 7.8
HIGH This Week

Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +2
NVD
CVE-2025-32704
EPSS 1% CVSS 8.4
HIGH This Week

Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow 365 Apps +3
NVD
CVE-2025-30388
EPSS 1% CVSS 7.8
HIGH This Month

Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow +18
NVD
CVE-2025-30381
EPSS 1% CVSS 7.8
HIGH This Week

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +5
NVD
CVE-2025-30376
EPSS 1% CVSS 7.8
HIGH This Week

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow +5
NVD
CVE-2025-30318
EPSS 0% CVSS 7.8
HIGH This Week

InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
CVE-2025-29979
EPSS 1% CVSS 7.8
HIGH This Month

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow +5
NVD
CVE-2025-29974
EPSS 1% CVSS 5.7
MEDIUM This Month

Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +16
NVD
CVE-2025-29971
EPSS 7% CVSS 7.5
HIGH This Week

Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Windows 11 22h2 +3
NVD
CVE-2025-29967
EPSS 2% CVSS 8.8
HIGH This Month

Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Windows 10 1507 +15
NVD
CVE-2025-29966
EPSS 2% CVSS 8.8
HIGH This Month

Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow +18
NVD
CVE-2025-29964
EPSS 1% CVSS 8.8
HIGH This Month

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow +11
NVD
CVE-2025-29963
EPSS 1% CVSS 8.8
HIGH This Month

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow +11
NVD
CVE-2025-29962
EPSS 1% CVSS 8.8
HIGH This Week

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow +16
NVD
CVE-2025-29961
EPSS 2% CVSS 6.5
MEDIUM This Month

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +16
NVD
CVE-2025-29960
EPSS 2% CVSS 6.5
MEDIUM This Month

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +16
NVD
CVE-2025-29956
EPSS 0% CVSS 5.4
MEDIUM This Month

Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Microsoft Buffer Overflow Windows 10 1507 +15
NVD
CVE-2025-29840
EPSS 1% CVSS 8.8
HIGH This Week

Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Stack Overflow +12
NVD
CVE-2025-29839
EPSS 1% CVSS 4.0
MEDIUM This Month

Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +16
NVD
CVE-2025-29836
EPSS 2% CVSS 6.5
MEDIUM This Month

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +16
NVD
CVE-2025-29835
EPSS 2% CVSS 6.5
MEDIUM This Month

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +16
NVD
CVE-2025-29832
EPSS 2% CVSS 6.5
MEDIUM This Month

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +16
NVD
CVE-2025-24063
EPSS 1% CVSS 7.8
HIGH This Week

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow +16
NVD
CVE-2025-45867
EPSS 0% CVSS 5.4
MEDIUM POC This Month

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the static_dns1 parameter in the formIpv6Setup interface. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow A3002r Firmware +1
NVD GitHub
CVE-2025-45866
EPSS 0% CVSS 5.4
MEDIUM POC This Month

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s interface. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A3002r Firmware TOTOLINK
NVD GitHub
CVE-2025-45864
EPSS 0% CVSS 5.4
MEDIUM POC This Month

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A3002r Firmware TOTOLINK
NVD GitHub
CVE-2025-45859
EPSS 0% CVSS 5.4
MEDIUM POC This Month

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevice interface. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A3002r Firmware TOTOLINK
NVD GitHub
CVE-2025-32756
EPSS 42% CVSS 9.8
CRITICAL KEV THREAT Act Now

Fortinet FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice contain a stack-based buffer overflow enabling unauthenticated remote code execution across multiple Fortinet products.

Buffer Overflow RCE Stack Overflow +6
NVD
CVE-2025-40580
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Rated medium severity (CVSS 5.4). No vendor patch available.

Stack Overflow Buffer Overflow RCE +3
NVD
CVE-2025-40579
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Rated medium severity (CVSS 5.4). No vendor patch available.

Stack Overflow Buffer Overflow RCE +3
NVD
CVE-2025-40578
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Siemens +1
NVD
CVE-2025-40577
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Siemens +1
NVD
CVE-2025-32454
EPSS 0% CVSS 7.3
HIGH This Month

A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.14), Teamcenter Visualization V2312 (All versions < V2312.0010), Teamcenter Visualization V2406 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Buffer Overflow Teamcenter Visualization +1
NVD
CVE-2025-30176
EPSS 0% CVSS 8.7
HIGH This Month

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Denial Of Service +5
NVD
CVE-2025-30175
EPSS 0% CVSS 8.7
HIGH This Month

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +5
NVD
CVE-2025-30174
EPSS 0% CVSS 8.7
HIGH This Month

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Denial Of Service +4
NVD
CVE-2025-3916
EPSS 0% CVSS 4.6
MEDIUM Monitor

exploit these issues to potentially execute arbitrary code while the end user opens a malicious project file (SSD file) provided by the attacker. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow
NVD
CVE-2025-31257
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

This issue was addressed with improved memory handling. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Redhat +1
NVD
CVE-2025-31246
EPSS 0% CVSS 8.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Buffer Overflow macOS
NVD
CVE-2025-31238
EPSS 1% CVSS 7.3
HIGH This Week

The issue was addressed with improved checks. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow
NVD
CVE-2025-31234
EPSS 1% CVSS 8.2
HIGH This Week

The issue was addressed with improved input sanitization. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow
NVD
Prev Page 42 of 61 Next

Quick Facts

Typical Severity
HIGH
Category
memory
Total CVEs
5402

Related CWEs

MITRE ATT&CK

References

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy