| CVE-2026-44251 |
2026-07-16 |
Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions 3.0.0 and above, prior to 4.14.5, a size_t integer underflow in os_crypto/shared/msgs.c:389 al… |
| CVE-2026-40106 |
2026-07-16 |
Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.6.0 and above prior to 4.14.5 contain a heap-based buffer overflow vulnerability in the syschec… |
| CVE-2026-34150 |
2026-07-16 |
Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions 1.0.0 and above, prior to 4.14.5, a heap buffer overflow in wazuh-analysisd allows an unauthen… |
| CVE-2026-15449 |
2026-07-16 |
A time-of-check to time-of-use (TOCTOU) flaw in the illumos data-link pseudo-driver (dld) affects handling of the DLDIOC_GETMACPROP and DLDIOC_SETMACPROP ioctls on /dev/dld. drv_ioc_prop_common() in u… |
| CVE-2026-15422 |
2026-07-16 |
The illumos SCTP inbound path performs association lookup for INIT ACK chunks without adequately validating the address parameters carried in the chunk. Since this lookup runs during packet classifica… |
| CVE-2026-50012 |
2026-07-16 |
Squid is a caching proxy for the Web. Prior to 7.6, due to an improper input validation bug in cache digest reply handling (peerDigestSwapInMask in src/peer_digest.cc), Squid is vulnerable to a heap-b… |
| CVE-2026-38755 |
2026-07-15 |
A heap overflow in the evalcommand() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input. |
| CVE-2026-38754 |
2026-07-15 |
A heap overflow in the ifsbreakup() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input. |
| CVE-2026-42533 |
2026-07-15 |
A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map outp… |
| CVE-2026-61464 |
2026-07-15 |
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a heap-based buffer over-write vulnerability that occurs when running an X11 import with a crafted window title, which can result in heap memory corr… |
| CVE-2026-48339 |
2026-07-14 |
Bridge is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction … |
| CVE-2026-48269 |
2026-07-14 |
Premiere Pro is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera… |
| CVE-2026-47471 |
2026-07-14 |
NVIDIA TensorRT-LLM for any platform contains a vulnerability in tensor deserialization, where an attacker could cause a heap based buffer overflow. A successful exploit of this vulnerability might le… |
| CVE-2026-24272 |
2026-07-14 |
NVIDIA TensorRT contains a vulnerability where an attacker might cause an overflow to a heap-based buffer. A successful exploit of this vulnerability might lead to code execution. |
| CVE-2026-24268 |
2026-07-14 |
NVIDIA TensorRT contains a vulnerability where an attacker might cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution. |
| CVE-2026-15767 |
2026-07-14 |
Heap buffer overflow in libyuv in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security sev… |
| CVE-2026-58547 |
2026-07-14 |
Heap-based buffer overflow in Universal Plug and Play (upnp.dll) allows an authorized attacker to elevate privileges locally. |
| CVE-2026-58542 |
2026-07-14 |
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. |
| CVE-2026-58538 |
2026-07-14 |
Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. |
| CVE-2026-58534 |
2026-07-14 |
Heap-based buffer overflow in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. |