Total
8024 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49601 | 2025-07-08 | 4.8 Medium | ||
| In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key allows context-dependent attackers to trigger a crash or limited adjacent-memory disclosure by supplying a truncated LMS (Leighton-Micali Signature) public-key buffer under four bytes. An LMS public key starts with a 4-byte type indicator. The function mbedtls_lms_import_public_key reads this type indicator before validating the size of its input. | ||||
| CVE-2025-20687 | 2025-07-08 | 5.5 Medium | ||
| In Bluetooth driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418045; Issue ID: MSV-3481. | ||||
| CVE-2025-40739 | 2025-07-08 | 7.8 High | ||
| A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2025-24065 | 1 Microsoft | 10 Windows 10 1507, Windows 10 22h2, Windows 11 22h2 and 7 more | 2025-07-08 | 5.5 Medium |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | ||||
| CVE-2023-42101 | 1 Ashlar | 1 Cobalt | 2025-07-08 | N/A |
| Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-20418. | ||||
| CVE-2025-30376 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-07-08 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-30381 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-07-08 | 7.8 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-32707 | 1 Microsoft | 7 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 4 more | 2025-07-08 | 7.8 High |
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-32705 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-07-08 | 7.8 High |
| Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-32704 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-07-08 | 8.4 High |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-29974 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 5.7 Medium |
| Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. | ||||
| CVE-2025-29961 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 6.5 Medium |
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-29956 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 5.4 Medium |
| Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network. | ||||
| CVE-2025-29839 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 4 Medium |
| Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-29836 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 6.5 Medium |
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-29835 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 6.5 Medium |
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-29832 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 6.5 Medium |
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-29971 | 1 Microsoft | 3 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 | 2025-07-08 | 7.5 High |
| Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2025-29960 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 6.5 Medium |
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2024-49028 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-07-08 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||