Export limit exceeded: 23070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23070 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-46692 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | 4.1 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been patched in versions 6.9.13-48 and 7.1.2-23. | ||||
| CVE-2026-46520 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | 7.5 High |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48 and 7.1.2-23. | ||||
| CVE-2026-45624 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | 5.1 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifying specific arguments. This issue has been patched in versions 6.9.13-47 and 7.1.2-22. | ||||
| CVE-2026-45359 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | 5.7 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been patched in versions 6.9.13-48 and 7.1.2-22. | ||||
| CVE-2026-45358 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | 5.3 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the meta encoder could result in an out of bounds read of a single byte in the meta encoder. This issue has been patched in versions 6.9.13-47 and 7.1.2-22. | ||||
| CVE-2026-42326 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | 5.1 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. This issue has been patched in versions 6.9.13-47 and 7.1.2-22. | ||||
| CVE-2026-45604 | 1 Microsoft | 10 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 7 more | 2026-06-11 | 5.5 Medium |
| Out-of-bounds read in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-44824 | 1 Microsoft | 12 365 Apps, Microsoft 365, Office 2016 and 9 more | 2026-06-11 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-44821 | 1 Microsoft | 12 365 Apps, Microsoft 365, Office 2016 and 9 more | 2026-06-11 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-44819 | 1 Microsoft | 12 365 Apps, Microsoft 365, Office 2016 and 9 more | 2026-06-11 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45606 | 1 Microsoft | 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more | 2026-06-11 | 5.5 Medium |
| Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally. | ||||
| CVE-2026-45457 | 1 Microsoft | 7 365 Apps, Microsoft 365, Office 2021 and 4 more | 2026-06-11 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-44820 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-06-11 | 7.8 High |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-44822 | 1 Microsoft | 12 365 Apps, Excel, Excel 2016 and 9 more | 2026-06-11 | 8.2 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-45469 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-06-11 | 7.8 High |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45485 | 1 Microsoft | 12 365 Apps, Microsoft 365, Office 2016 and 9 more | 2026-06-11 | 3.3 Low |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-45607 | 1 Microsoft | 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more | 2026-06-11 | 8.4 High |
| Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-47635 | 1 Microsoft | 1 Office 2024 | 2026-06-11 | 8.4 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45636 | 1 Microsoft | 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more | 2026-06-11 | 7.8 High |
| Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-46433 | 2 Lldpd, Lldpd Project | 2 Lldpd, Lldpd | 2026-06-11 | 6.5 Medium |
| lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove() to shift the frame payload 4 bytes left. The third argument (byte count) is s - 2 * ETHER_ADDR_LEN but should be s - 2 * ETHER_ADDR_LEN - 4, causing a 4-byte heap buffer over-read past the malloc(h_mtu) allocation when the received frame size equals the interface MTU. This issue has been patched in version 1.0.22. | ||||