66341 matches found
CVE-2026-7383
Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...
CVE-2026-49762 Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service
Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory exhaustion. The version parser converts numeric version components major, minor, patch and numeric...
CVE-2026-49762 Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service
Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory exhaustion. The version parser converts numeric version components major, minor, patch and numeric...
Windows Graphics Component Remote Code Execution Vulnerability
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...
Windows Performance Monitor Remote Code Execution Vulnerability
Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...
Windows Graphics Component Remote Code Execution Vulnerability
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...
Windows Performance Monitor Remote Code Execution Vulnerability
Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...
NT OS Kernel Elevation of Privilege Vulnerability
Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...
NT OS Kernel Elevation of Privilege Vulnerability
Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...
Microsoft Excel Remote Code Execution Vulnerability
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Excel Remote Code Execution Vulnerability
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Excel Remote Code Execution Vulnerability
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Excel Remote Code Execution Vulnerability
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Excel Remote Code Execution Vulnerability
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Windows Internet (wininet.dll) Elevation of Privilege Vulnerability
Integer overflow or wraparound in Windows Internet wininet.dll allows an authorized attacker to elevate privileges locally...
Windows Kerberos Key Distribution Center (KDC) Remote Code Execution
Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network...
libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob
A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...
CVE-2026-41849
An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language SpEL. An attacker can exploit this by supplying a specially crafted SpEL expression that triggers excessive resource consumption, resulting in a Denial of Service DoS. Affected versions: Spring...
CVE-2026-41849 Spring Framework Denial of Service via Integer Overflow in SpEL Expressions
An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language SpEL. An attacker can exploit this by supplying a specially crafted SpEL expression that triggers excessive resource consumption, resulting in a Denial of Service DoS. Affected versions: Spring...
EUVD-2026-35337
An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language SpEL. An attacker can exploit this by supplying a specially crafted SpEL expression that triggers excessive resource consumption, resulting in a Denial of Service DoS. Affected versions: Spring...