Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-20766

Summary
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At-27 Apr, 2026 | 23:45
Updated At-28 Apr, 2026 | 14:39
Rejected At-
Credits

Milesight Cameras Heap-based Buffer Overflow

An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:icscert
Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At:27 Apr, 2026 | 23:45
Updated At:28 Apr, 2026 | 14:39
Rejected At:
▼CVE Numbering Authority (CNA)
Milesight Cameras Heap-based Buffer Overflow

An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.

Affected Products
Vendor
MilesightMilesight
Product
MS-Cxx63-PD
Default Status
unaffected
Versions
Affected
  • From 0 through 51.7.0.77-r12 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx64-xPD
Default Status
unaffected
Versions
Affected
  • From 0 through 51.7.0.77-r12 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx73-xPD
Default Status
unaffected
Versions
Affected
  • From 0 through 51.7.0.77-r12 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx75-xxPD
Default Status
unaffected
Versions
Affected
  • From 0 through 51.7.0.77-r12 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx83-xPD
Default Status
unaffected
Versions
Affected
  • From 0 through 51.7.0.77-r12 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx74-PA
Default Status
unaffected
Versions
Affected
  • From 0 through 3x.8.0.3-r11 (custom)
Vendor
MilesightMilesight
Product
MS-C8477-HPG1
Default Status
unaffected
Versions
Affected
  • From 0 through 63.8.0.4-r3 (custom)
Vendor
MilesightMilesight
Product
MS-C8477-PC
Default Status
unaffected
Versions
Affected
  • From 0 through 48.8.0.4-r3 (custom)
Vendor
MilesightMilesight
Product
MS-C5321-FPE
Default Status
unaffected
Versions
Affected
  • From 0 through 62.8.0.4-r5 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx72-xxxPE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx62-xxxPE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx52-xxxPE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx66-xxxPE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx66-xxxGPE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx61-xxxPE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx67-xxxPE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx71-xxxPE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx41-xxxPE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx76-PE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx65-PE
Default Status
unaffected
Versions
Affected
  • From 0 through 61.8.0.5-r2 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx66-xxxG1
Default Status
unaffected
Versions
Affected
  • From 0 through 63.8.0.5-r3 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx62-xxxG1
Default Status
unaffected
Versions
Affected
  • From 0 through 63.8.0.5-r3 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx72-xxxG1
Default Status
unaffected
Versions
Affected
  • From 0 through 63.8.0.5-r3 (custom)
Vendor
MilesightMilesight
Product
MS-CQxx31-xxxG1
Default Status
unaffected
Versions
Affected
  • From 0 through CQ_63.8.0.5-r1 (custom)
Vendor
MilesightMilesight
Product
MS-CQxx68-xxxG1
Default Status
unaffected
Versions
Affected
  • From 0 through CQ_63.8.0.5-r1 (custom)
Vendor
MilesightMilesight
Product
MS-CQxx72-xxxG1
Default Status
unaffected
Versions
Affected
  • From 0 through CQ_63.8.0.5-r1 (custom)
Vendor
MilesightMilesight
Product
MS-Nxxxx-NxE
Default Status
unaffected
Versions
Affected
  • From 0 through 7x.9.0.19-r5 (custom)
Vendor
MilesightMilesight
Product
MS-Nxxxx-xxC
Default Status
unaffected
Versions
Affected
  • From 0 through 7x.9.0.19-r5 (custom)
Vendor
MilesightMilesight
Product
MS-Nxxxx-xxE
Default Status
unaffected
Versions
Affected
  • From 0 through 7x.9.0.19-r5 (custom)
Vendor
MilesightMilesight
Product
MS-Nxxxx-xxG
Default Status
unaffected
Versions
Affected
  • From 0 through 7x.9.0.19-r5 (custom)
Vendor
MilesightMilesight
Product
MS-Nxxxx-xxH
Default Status
unaffected
Versions
Affected
  • From 0 through 7x.9.0.19-r5 (custom)
Vendor
MilesightMilesight
Product
MS-Nxxxx-xxT
Default Status
unaffected
Versions
Affected
  • From 0 through 7x.9.0.19-r5 (custom)
Vendor
MilesightMilesight
Product
PMC8266-FPE
Default Status
unaffected
Versions
Affected
  • From 0 through PO_61.8.0.4_LPR (custom)
Vendor
MilesightMilesight
Product
PMC8266-FGPE
Default Status
unaffected
Versions
Affected
  • From 0 through PO_61.8.0.4_LPR (custom)
Vendor
MilesightMilesight
Product
PM3322-E
Default Status
unaffected
Versions
Affected
  • From 0 through PI_61.8.0.3_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS4466-X4RIPG1
Default Status
unaffected
Versions
Affected
  • From 0 through T_63.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS5366-X12RIPG1
Default Status
unaffected
Versions
Affected
  • From 0 through T_63.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS8266-X4RIPG1
Default Status
unaffected
Versions
Affected
  • From 0 through T_63.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS4466-X4RIVPG1
Default Status
unaffected
Versions
Affected
  • From 0 through T_63.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS4466-RFIVPG1
Default Status
unaffected
Versions
Affected
  • From 0 through T_63.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS8266-X4RIVPG1
Default Status
unaffected
Versions
Affected
  • From 0 through T_63.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS8266-RFIVPG1
Default Status
unaffected
Versions
Affected
  • From 0 through T_63.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS4466-X4RIWG1
Default Status
unaffected
Versions
Affected
  • From 0 through T_63.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS8266-X4RIWG1
Default Status
unaffected
Versions
Affected
  • From 0 through T_63.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS5510-GVH
Default Status
unaffected
Versions
Affected
  • From 0 through T_47.8.0.4_LPR-r7 (custom)
Vendor
MilesightMilesight
Product
TS5510-GH
Default Status
unaffected
Versions
Affected
  • From 0 through T_47.8.0.4_LPR-r6 (custom)
Vendor
MilesightMilesight
Product
TS5511-GVH
Default Status
unaffected
Versions
Affected
  • From 0 through T_47.8.0.4_LPR-r6 (custom)
Vendor
MilesightMilesight
Product
TS2966-X12TPE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS4466-X4RPE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS5366-X12PE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS8266-X4PE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS2966-X12TVPE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS4466-X4RVPE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS5366-X12VPE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS8266-X4VPE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS4441-X36RPE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS4441-X36RE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS4466-X4RWE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
TS8266-X4WE
Default Status
unaffected
Versions
Affected
  • From 0 through T_61.8.0.4_LPR-r3 (custom)
Vendor
MilesightMilesight
Product
MS-C2964-RFLPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
MS-C2972-RFLPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
MS-C2966-RFLWPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
TS2866-X4TPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
TS2866-X4TVPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
TS2866-X4TGPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
TS2841-X36TPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
TS2841-X36TPC/W
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
TS2867-X5TPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
TS2961-X12TPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
TS8266-FPC/P
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
MS-C2966-X12RLPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
MS-C2966-X12RLVPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
MS-C5366-X12LPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
MS-C5366-X12LVPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
MS-C5361-X12LPC
Default Status
unaffected
Versions
Affected
  • From 0 through T_45.8.0.3-r9 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx66-xxxxGOPC
Default Status
unaffected
Versions
Affected
  • From 0 through 45.8.0.2-AIoT-r4 (custom)
Vendor
MilesightMilesight
Product
SC211
Default Status
unaffected
Versions
Affected
  • From 0 through C_21.1.0.8-r4 (custom)
Vendor
MilesightMilesight
Product
SP111
Default Status
unaffected
Versions
Affected
  • From 0 through 52.8.0.4-r5 (custom)
Vendor
MilesightMilesight
Product
MS-Cxx66-RFIPKG1
Default Status
unaffected
Versions
Affected
  • From 0 through 63.8.0.4-r1-NX (custom)
Vendor
MilesightMilesight
Product
MS-Cxx72-RFIPKG1
Default Status
unaffected
Versions
Affected
  • From 0 through 63.8.0.4-r1-NX (custom)
Vendor
MilesightMilesight
Product
MS-Cxx66-FIPKG1
Default Status
unaffected
Versions
Affected
  • From 0 through 63.8.0.4-r1-NX (custom)
Vendor
MilesightMilesight
Product
MS-Cxx72-FIPKG1
Default Status
unaffected
Versions
Affected
  • From 0 through 63.8.0.4-r1-NX (custom)
Problem Types
TypeCWE IDDescription
CWECWE-122CWE-122
Type: CWE
CWE ID: CWE-122
Description: CWE-122
Metrics
VersionBase scoreBase severityVector
4.08.6HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.  https://www.milesight.com/support/download/firmware MS-Cxx63-PD: Update to 51.7.0.77-r13 MS-Cxx64-xPD: Update to 51.7.0.77-r13 MS-Cxx73-xPD: Update to 51.7.0.77-r13 MS-Cxx75-xxPD: Update to 51.7.0.77-r13 MS-Cxx83-xPD: Update to 51.7.0.77-r13 MS-Cxx74-PA: Update to 3x.8.0.3-r13 MS-C8477-HPG1: Update to 63.8.0.4-r4  MS-C8477-PC: Update to 48.8.0.4-r4 MS-C5321-FPE: Update to 62.8.0.4-r6 MS-Cxx72-xxxPE: Update to 61.8.0.5-r2 MS-Cxx62-xxxPE: Update to 61.8.0.5-r2 MS-Cxx52-xxxPE: Update to 61.8.0.5-r2 MS-Cxx66-xxxPE: Update to 61.8.0.5-r2 MS-Cxx66-xxxGPE: Update to 61.8.0.5-r2 MS-Cxx61-xxxPE: Update to 61.8.0.5-r2 MS-Cxx67-xxxPE: Update to 61.8.0.5-r2 MS-Cxx71-xxxPE: Update to 61.8.0.5-r2 MS-Cxx41-xxxPE: Update to 61.8.0.5-r2 MS-Cxx76-PE: Update to 61.8.0.5-r2 MS-Cxx65-PE: Update to 61.8.0.5-r2 MS-Cxx66-xxxG1: Update to 63.8.0.5-r4 MS-Cxx62-xxxG1: Update to 63.8.0.5-r4 MS-Cxx72-xxxG1: Update to 63.8.0.5-r4 MS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2  MS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2 MS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2 MS-Nxxxx-NxE: Update to 7x.9.0.19-r6 MS-Nxxxx-xxC: Update to 7x.9.0.19-r6 MS-Nxxxx-xxE: Update to 7x.9.0.19-r6 MS-Nxxxx-xxG: Update to 7x.9.0.19-r6 MS-Nxxxx-xxH: Update to 7x.9.0.19-r6 MS-Nxxxx-xxT: Update to 7x.9.0.19-r6 PMC8266-FPE: Update to PO_61.8.0.4-r1 PMC8266-FGPE: Update to PO_61.8.0.4-r1 PM3322-E: Update to PI_61.8.0.3-r5 TS4466-X4RIPG1: Update to T_63.8.0.4-r4  TS5366-X12RIPG1: Update to T_63.8.0.4-r4 TS8266-X4RIPG1: Update to T_63.8.0.4-r4 TS4466-X4RIVPG1: Update to T_63.8.0.4-r4 TS4466-RFIVPG1: Update to T_63.8.0.4-r4 TS8266-X4RIVPG1: Update to T_63.8.0.4-r4 TS8266-RFIVPG1: Update to T_63.8.0.4-r4 TS4466-X4RIWG1: Update to T_63.8.0.4-r4 TS8266-X4RIWG1: Update to T_63.8.0.4-r4 TS5510-GVH: Update to T_47.8.0.4-r8 TS5510-GH: Update to T_47.8.0.4-r8 TS5511-GVH: Update to T_47.8.0.4-r8 TS2966-X12TPE: Update to T_61.8.0.4-r4 TS4466-X4RPE: Update to T_61.8.0.4-r4 TS5366-X12PE: Update to T_61.8.0.4-r4 TS8266-X4PE: Update to T_61.8.0.4-r4 TS2966-X12TVPE: Update to T_61.8.0.4-r4 TS4466-X4RVPE: Update to T_61.8.0.4-r4 TS5366-X12VPE: Update to T_61.8.0.4-r4 TS8266-X4VPE: Update to T_61.8.0.4-r4 TS4441-X36RPE: Update to T_61.8.0.4-r4 TS4441-X36RE: Update to T_61.8.0.4-r4 TS4466-X4RWE: Update to T_61.8.0.4-r4 TS8266-X4WE: Update to T_61.8.0.4-r4 MS-C2964-RFLPC: Update to T_45.8.0.3-r10 MS-C2972-RFLPC: Update to T_45.8.0.3-r10 MS-C2966-RFLWPC: Update to T_45.8.0.3-r10 TS2866-X4TPC: Update to T_45.8.0.3-r10 TS2866-X4TVPC: Update to T_45.8.0.3-r10 TS2866-X4TGPC: Update to T_45.8.0.3-r10 TS2841-X36TPC: Update to T_45.8.0.3-r10 TS2841-X36TPC/W: Update to T_45.8.0.3-r10 TS2867-X5TPC: Update to T_45.8.0.3-r10 TS2961-X12TPC: Update to T_45.8.0.3-r10 TS8266-FPC/P: Update to T_45.8.0.3-r10 MS-C2966-X12RLPC: Update to T_45.8.0.3-r10 MS-C2966-X12RLVPC: Update to T_45.8.0.3-r10 MS-C5366-X12LPC: Update to T_45.8.0.3-r10 MS-C5366-X12LVPC: Update to T_45.8.0.3-r10 MS-C5361-X12LPC: Update to T_45.8.0.3-r10 MS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5 SC211: Update to C_21.1.0.8-r5 SP111: Update to 52.8.0.4-r6 MS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX MS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX MS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX MS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX

Milesight asks all users to report potential security vulnerabilities to security@milesight.com. mailto:security@milesight.com Learn more: Milesight Vulnerability Reporting Policy https://www.milesight.com/legal/vulnerability-report

Configurations
Workarounds
Exploits
Credits
finder
Souvik Kandar reported these vulnerabilities to CISA
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03
N/A
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json
N/A
https://www.milesight.com/support/download/firmware
N/A
Hyperlink: https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03
Resource: N/A
Hyperlink: https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json
Resource: N/A
Hyperlink: https://www.milesight.com/support/download/firmware
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ics-cert@hq.dhs.gov
Published At:28 Apr, 2026 | 01:16
Updated At:28 Apr, 2026 | 01:16

An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.6HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-122Primaryics-cert@hq.dhs.gov
CWE ID: CWE-122
Type: Primary
Source: ics-cert@hq.dhs.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.jsonics-cert@hq.dhs.gov
N/A
https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03ics-cert@hq.dhs.gov
N/A
https://www.milesight.com/support/download/firmwareics-cert@hq.dhs.gov
N/A
Hyperlink: https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json
Source: ics-cert@hq.dhs.gov
Resource: N/A
Hyperlink: https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03
Source: ics-cert@hq.dhs.gov
Resource: N/A
Hyperlink: https://www.milesight.com/support/download/firmware
Source: ics-cert@hq.dhs.gov
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

311Records found
CVE-2024-5160
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.39% / 60.16%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 15:11
Updated-13 Feb, 2025 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Fedora ProjectMicrosoft CorporationGoogle LLC
Product-chromewindowsfedoraChromechrome
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40426
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-0.54% / 67.53%
||
7 Day CHG~0.00%
Published-14 Apr, 2022 | 19:56
Updated-15 Apr, 2025 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-libsox_projectSound Exchange
Product-libsoxlibsox
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-48997
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49007
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49013
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49008
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49006
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49085
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-5.46% / 90.23%
||
7 Day CHG+0.09%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_server_2016windows_server_2012windows_server_2025windows_server_2022windows_server_2019windows_server_2008Windows Server 2012Windows Server 2008 R2 Service Pack 1Windows Server 2016Windows Server 2025 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2022Windows Server 2019Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 Service Pack 2
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-48996
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.23% / 84.63%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:53
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49001
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49000
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49004
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-24405
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.25%
||
7 Day CHG~0.00%
Published-24 Jan, 2026 | 00:59
Updated-30 Jan, 2026 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has Heap Buffer Overflow in CIccMpeCalculator::Read()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccMpeCalculator::Read(). This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary blobs. Successful exploitation may allow an attacker to perform DoS, manipulate data, bypass application logic and Code Execution. This issue has been fixed in version 2.3.1.2.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CVE-2024-48998
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49005
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-2447
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.02% / 5.19%
||
7 Day CHG~0.00%
Published-16 Feb, 2026 | 14:13
Updated-13 Apr, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap buffer overflow in libvpx

Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdThunderbirdFirefox
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49010
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-5.37% / 90.14%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49125
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-1.90% / 83.33%
||
7 Day CHG+0.02%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_server_2025windows_server_2008windows_server_2022windows_server_2022_23h2windows_server_2019Windows Server 2012Windows Server 2008 R2 Service Pack 1Windows Server 2016Windows Server 2025 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2022Windows Server 2019Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 Service Pack 2
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49102
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.20% / 88.78%
||
7 Day CHG+0.07%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_24h2windows_server_2025windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 10 Version 22H2Windows Server 2012Windows 10 Version 1809Windows 11 version 22H3Windows 11 Version 23H2Windows Server 2008 R2 Service Pack 1Windows 10 Version 1607Windows Server 2016Windows Server 2025 (Server Core installation)Windows 11 Version 24H2Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows 10 Version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 1507Windows Server 2022Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 Service Pack 2
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-24412
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.25%
||
7 Day CHG~0.00%
Published-24 Jan, 2026 | 01:27
Updated-30 Jan, 2026 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has Heap Buffer Overflow in icCurvesFromXml()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml() function. This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary blobs. Successful exploitation may allow an attacker to perform DoS, manipulate data, bypass application logic and Code Execution. This issue has been fixed in version 2.3.1.2.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CVE-2024-49011
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-48995
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.23% / 84.63%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:53
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2020-26987
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-4.10% / 88.64%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of TGA files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12016, ZDI-CAN-12017)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-49012
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-48999
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49015
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49009
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-48993
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.23% / 84.63%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-24406
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.25%
||
7 Day CHG~0.00%
Published-24 Jan, 2026 | 01:02
Updated-30 Jan, 2026 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has Heap Buffer Overflow in CIccTagNamedColor2::SetSize()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccTagNamedColor2::SetSize(). This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary blobs. Successful exploitation may allow an attacker to perform DoS, manipulate data, bypass application logic and Code Execution. This issue has been fixed in version 2.3.1.2.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CVE-2024-49104
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-5.46% / 90.23%
||
7 Day CHG+0.09%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_24h2windows_server_2025windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 10 Version 22H2Windows Server 2012Windows 10 Version 1809Windows 11 version 22H3Windows 11 Version 23H2Windows Server 2008 R2 Service Pack 1Windows 10 Version 1607Windows Server 2016Windows Server 2025 (Server Core installation)Windows 11 Version 24H2Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows 10 Version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 1507Windows Server 2022Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 Service Pack 2
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2020-26985
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-4.10% / 88.64%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of RGB and SGI files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11986, ZDI-CAN-11994)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-21190
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-0.17% / 37.05%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 17:58
Updated-26 Feb, 2026 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Telephony Service Remote Code Execution Vulnerability

Windows Telephony Service Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_10_1809windows_10_22h2windows_10_21h2windows_server_2022_23h2windows_11_22h2windows_11_23h2windows_10_1607windows_11_24h2windows_server_2025windows_server_2022windows_10_1507windows_server_2019windows_server_2008windows_server_2016Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-48994
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-3.00% / 86.64%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:53
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49017
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.03% / 88.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2017Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 29)Microsoft SQL Server 2016 Service Pack 3 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-49086
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.35% / 88.99%
||
7 Day CHG+0.23%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_server_2016windows_server_2012windows_server_2025windows_server_2022windows_server_2019windows_server_2008Windows Server 2012Windows Server 2008 R2 Service Pack 1Windows Server 2016Windows Server 2025 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2022Windows Server 2019Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 Service Pack 2
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2020-26986
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-2.06% / 84.00%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of JT files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12014)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-25181
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-0.85% / 74.94%
||
7 Day CHG~0.00%
Published-01 Dec, 2020 | 14:54
Updated-04 Aug, 2024 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution.

Action-Not Available
Vendor-we-conn/a
Product-plc_editorWECON PLC Editor
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-2314
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.06% / 16.78%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 18:08
Updated-26 Feb, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Linux Kernel Organization, IncGoogle LLCMicrosoft Corporation
Product-chromelinux_kernelmacoswindowsChrome
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-21682
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.13% / 31.56%
||
7 Day CHG~0.00%
Published-07 Jan, 2026 | 20:58
Updated-14 Jan, 2026 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has heap-buffer-overflow in CIccXmlArrayType::ParseText()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow in `CIccXmlArrayType::ParseText()`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CVE-2026-21676
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.07% / 19.79%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 03:07
Updated-12 Jan, 2026 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has a Heap-based Buffer Overflow in its CIccMBB::Validate() function

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have a Heap-based Buffer Overflow in its CIccMBB::Validate function which checks tag data validity. This issue is fixed in version 2.3.1.1.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-20868
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-0.13% / 32.06%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 17:56
Updated-01 Apr, 2026 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_server_2016windows_10_22h2windows_server_2012windows_server_2008windows_11_24h2windows_11_23h2windows_10_1809windows_server_2022windows_server_2025windows_11_25h2windows_server_2022_23h2windows_10_1607windows_server_2019Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows 11 Version 24H2Windows Server 2008 Service Pack 2Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2019 (Server Core installation)Windows 11 version 22H3Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 R2Windows 10 Version 22H2Windows Server 2022Windows Server 2012Windows 11 Version 25H2Windows Server 2025 (Server Core installation)Windows Server 2016Windows 10 Version 1607Windows 11 Version 23H2Windows Server 2016 (Server Core installation)Windows Server 2019Windows 10 Version 1809
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-43518
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-8.06% / 92.16%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:35
Updated-08 Jul, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Telephony Server Remote Code Execution Vulnerability

Windows Telephony Server Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 11 Version 24H2Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 11 Version 23H2Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-46426
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.42% / 80.66%
||
7 Day CHG~0.00%
Published-09 Mar, 2024 | 00:00
Updated-26 Sep, 2025 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based Buffer Overflow vulnerability in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via gf_fwrite component in at utils/os_file.c.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/agpac
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-1145
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 28.86%
||
7 Day CHG~0.00%
Published-19 Jan, 2026 | 08:02
Updated-25 Feb, 2026 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
quickjs-ng quickjs quickjs.c js_typed_array_constructor_ta heap-based overflow

A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function js_typed_array_constructor_ta of the file quickjs.c. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. Patch name: 53aebe66170d545bb6265906fe4324e4477de8b4. It is suggested to install a patch to address this issue.

Action-Not Available
Vendor-quickjs-ngquickjs-ng
Product-quickjsquickjs
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-0822
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 19.31%
||
7 Day CHG~0.00%
Published-10 Jan, 2026 | 13:32
Updated-23 Feb, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The identifier of the patch is 53eefbcd695165a3bd8c584813b472cb4a69fbf5. To fix this issue, it is recommended to deploy a patch.

Action-Not Available
Vendor-quickjs-ngquickjs-ng
Product-quickjsquickjs
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-44429
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-5.99% / 90.72%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:13
Updated-17 Mar, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of AV1 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22226.

Action-Not Available
Vendor-gstreamerGStreamergstreamer
Product-gstreamerGStreamergstreamer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-1861
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.03% / 9.94%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 20:56
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Linux Kernel Organization, IncGoogle LLCMicrosoft Corporation
Product-chromelinux_kernelmacoswindowsChrome
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-0999
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.57% / 68.58%
||
7 Day CHG~0.00%
Published-19 Feb, 2025 | 16:55
Updated-07 Apr, 2025 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-43608
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-4.16% / 88.73%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:35
Updated-08 Jul, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_server_2016windows_server_2012windows_server_2022windows_server_2019windows_server_2008Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2019Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-43453
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-5.50% / 90.27%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:35
Updated-08 Jul, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_server_2016windows_server_2012windows_server_2022windows_server_2019windows_server_2008Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2019Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found