34977 matches found
CVE-2026-45542
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...
CVE-2026-45542 ESF-IDF: Heap buffer overflow in protocomm Security2 over Bluetooth
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...
EUVD-2026-35918
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...
CVE-2026-48291
Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-48292
Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-47952
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
EUVD-2026-35835
Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-48291
Affected software: Format Plugins, versions 1.1.2 and earlier. Root cause: Heap-based buffer overflow. Impact: Arbitrary code execution in the context of the current user. Exploit information: Requires user interaction; a victim must open a malicious file. Notes: Details are taken from the CVE en...
CVE-2026-48292
Format Plugins versions 1.1.2 and earlier are affected by a heap-based buffer overflow that could allow arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). CVSSv3.1 base score 7.8 (HIGH); attack vector LOCAL, privileges...
EUVD-2026-35834
Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-48292 Format Plugins | Heap-based Buffer Overflow (CWE-122)
Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-47952
Acrobat Reader is affected by a Heap-based Buffer Overflow (CWE-122) in versions 24.001.30365, 26.001.21651 and earlier. The vulnerability could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, with the victim opening a malicious file. N...
CVE-2026-47952 Acrobat Reader | Heap-based Buffer Overflow (CWE-122)
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
CVE-2026-11824 SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...
EUVD-2026-35801
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...
EUVD-2026-35794
SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...
EUVD-2026-35474
Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...
EUVD-2026-35519
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...
EUVD-2026-35516
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...
EUVD-2026-35672
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally...