Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59933 | 1 Libvips | 1 Libvips | 2025-12-24 | 7.8 High |
| libvips is a demand-driven, horizontally threaded image processing library. For versions 8.17.1 and below, when libvips is compiled with support for PDF input via poppler, the pdfload operation is affected by a buffer read overflow when parsing the header of a crafted PDF with a page that defines a width but not a height. Those using libvips compiled without support for PDF input are unaffected as well as thosewith support for PDF input via PDFium. This issue is fixed in version 8.17.2. A workaround for those affected is to block the VipsForeignLoadPdf operation via vips_operation_block_set, which is available in most language bindings, or to set VIPS_BLOCK_UNTRUSTED environment variable at runtime, which will block all untrusted loaders including PDF input via poppler. | ||||
| CVE-2025-62560 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2025-12-23 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-62467 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2025-12-23 | 7.8 High |
| Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-62464 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2025-12-23 | 7.8 High |
| Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-62462 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2025-12-23 | 7.8 High |
| Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-62461 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2025-12-23 | 7.8 High |
| Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-62473 | 1 Microsoft | 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more | 2025-12-23 | 6.5 Medium |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2024-30069 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2025-12-17 | 4.7 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2025-24992 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 5.5 Medium |
| Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-4582 | 1 Rti | 1 Connext Professional | 2025-12-16 | 7.1 High |
| Buffer Over-read, Off-by-one Error vulnerability in RTI Connext Professional (Core Libraries) allows File Manipulation, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.8, from 6.1.0 before 6.1.2.26, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from 4.4a before 5.2.*. | ||||
| CVE-2025-53796 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2025-12-16 | 6.5 Medium |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-59192 | 1 Microsoft | 25 Windows, Windows 10, Windows 10 1507 and 22 more | 2025-12-11 | 7.8 High |
| Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55325 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2025-12-11 | 5.5 Medium |
| Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-60720 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1607 and 24 more | 2025-12-11 | 7.8 High |
| Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2024-30079 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2025-12-09 | 7.8 High |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||||
| CVE-2024-30071 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2025-12-09 | 4.7 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2024-38071 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more | 2025-12-09 | 7.5 High |
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability | ||||
| CVE-2019-15167 | 1 Tcpdump | 1 Tcpdump | 2025-12-03 | 9.1 Critical |
| The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. | ||||
| CVE-2025-12106 | 1 Openvpn | 1 Openvpn | 2025-12-01 | 9.1 Critical |
| Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses | ||||
| CVE-2024-53020 | 1 Qualcomm | 468 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 465 more | 2025-11-28 | 8.2 High |
| Information disclosure may occur while decoding the RTP packet with invalid header extension from network. | ||||