| CVE-2026-45460 |
2026-06-09 |
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. |
| CVE-2026-42828 |
2026-06-09 |
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. |
| CVE-2026-11787 |
2026-06-09 |
A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that m… |
| CVE-2026-44185 |
2026-06-08 |
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server
This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.
Users are reco… |
| CVE-2026-45684 |
2026-06-02 |
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by readin… |
| CVE-2025-59609 |
2026-06-01 |
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length. |
| CVE-2026-6575 |
2026-05-14 |
Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintaine… |
| CVE-2026-8463 |
2026-05-13 |
Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in argon2_verify on empty encoded input.
The auto-detect form of argon2_verify passes encoded_len - 1 as the … |
| CVE-2025-47406 |
2026-05-04 |
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size. |
| CVE-2025-47403 |
2026-05-04 |
Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming. |
| CVE-2025-47401 |
2026-05-04 |
Transient DOS when processing target power rate tables during channel configuration. |
| CVE-2026-34059 |
2026-05-04 |
Buffer Over-read vulnerability in Apache HTTP Server.
This issue affects Apache HTTP Server: through 2.4.66.
Users are recommended to upgrade to version 2.4.67, which fixes the issue. |
| CVE-2026-37532 |
2026-05-01 |
AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive (receive.c:87-89), the payload_length for a Single Frame is extracted from… |
| CVE-2026-6532 |
2026-04-30 |
Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-6238 |
2026-04-28 |
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing … |
| CVE-2026-41898 |
2026-04-24 |
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callback… |
| CVE-2026-0930 |
2026-04-20 |
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which wo… |
| CVE-2026-40341 |
2026-04-18 |
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptp_unpack_EOS_FocusInfoEx could be used to crash libgphoto2 when processing input fr… |
| CVE-2026-26184 |
2026-04-14 |
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally. |
| CVE-2026-26169 |
2026-04-14 |
Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally. |