Search Results (2908 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-2007 1 Postgresql 1 Postgresql 2026-02-13 8.2 High
Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and 18.0 are affected.
CVE-2026-26011 1 Ros-navigation 1 Navigation2 2026-02-13 N/A
navigation2 is a ROS 2 Navigation Framework and System. In 1.3.11 and earlier, a critical heap out-of-bounds write vulnerability exists in Nav2 AMCL's particle filter clustering logic. By publishing a single crafted geometry_msgs/PoseWithCovarianceStamped message with extreme covariance values to the /initialpose topic, an unauthenticated attacker on the same ROS 2 DDS domain can trigger a negative index write (set->clusters[-1]) into heap memory preceding the allocated buffer. In Release builds, the sole boundary check (assert) is compiled out, leaving zero runtime protection. This primitive allows controlled corruption of the heap chunk metadata(at least the size of the heap chunk where the set->clusters is in is controllable by the attacker), potentially leading to further exploitation. At minimum, it provides a reliable single-packet denial of service that kills localization and halts all navigation.
CVE-2019-25327 1 Mersenne Research, Inc 1 Prime95 2026-02-13 9.8 Critical
Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the PrimeNet user ID and proxy host fields to trigger a bind shell on port 3110.
CVE-2023-4911 6 Canonical, Debian, Fedoraproject and 3 more 43 Ubuntu Linux, Debian Linux, Fedora and 40 more 2026-02-13 7.8 High
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
CVE-2025-62201 1 Microsoft 14 365, 365 Apps, Excel and 11 more 2026-02-13 7.8 High
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-60724 1 Microsoft 31 Graphics Component, Office, Office For Mac and 28 more 2026-02-13 9.8 Critical
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
CVE-2025-60715 1 Microsoft 28 Remote, Windows, Windows 10 and 25 more 2026-02-13 8 High
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2025-60714 1 Microsoft 22 Windows, Windows 10, Windows 10 1607 and 19 more 2026-02-13 7.8 High
Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally.
CVE-2025-62452 1 Microsoft 26 Windows, Windows 10, Windows 10 1607 and 23 more 2026-02-13 8 High
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2025-62220 1 Microsoft 3 Windows, Windows Subsystem For Linux, Windows Subsystem For Linux Gui 2026-02-13 8.8 High
Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network.
CVE-2025-59504 1 Microsoft 2 Azure Monitor, Azure Monitor Agent 2026-02-13 7.3 High
Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.
CVE-2026-25646 2 Libpng, Pnggroup 2 Libpng, Libpng 2026-02-13 8.1 High
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to enter into an infinite loop that reads past the end of an internal heap-allocated buffer. The images that trigger this vulnerability are valid per the PNG specification. This vulnerability is fixed in 1.6.55.
CVE-2026-20957 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-02-13 7.8 High
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20868 1 Microsoft 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more 2026-02-13 8.8 High
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2026-20922 1 Microsoft 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more 2026-02-13 7.8 High
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.
CVE-2026-20876 1 Microsoft 9 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 6 more 2026-02-13 6.7 Medium
Heap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVE-2026-20864 1 Microsoft 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more 2026-02-13 7.8 High
Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.
CVE-2026-20840 1 Microsoft 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more 2026-02-13 7.8 High
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.
CVE-2026-20837 1 Microsoft 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more 2026-02-13 7.8 High
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.
CVE-2026-20820 1 Microsoft 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more 2026-02-13 7.8 High
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.