Total
372 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54901 | 1 Microsoft | 8 365, 365 Apps, Excel and 5 more | 2025-09-18 | 5.5 Medium |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-53806 | 2025-09-18 | 6.5 Medium | ||
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53796 | 2025-09-18 | 6.5 Medium | ||
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53798 | 2025-09-18 | 6.5 Medium | ||
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53797 | 2025-09-18 | 6.5 Medium | ||
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53736 | 1 Microsoft | 15 365, 365 Apps, Office and 12 more | 2025-09-17 | 6.8 Medium |
| Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2024-12975 | 2025-09-16 | N/A | ||
| A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface. | ||||
| CVE-2025-32704 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-09-10 | 8.4 High |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-29956 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-10 | 5.4 Medium |
| Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network. | ||||
| CVE-2025-21176 | 4 Apple, Linux, Microsoft and 1 more | 22 Macos, Linux Kernel, .net and 19 more | 2025-09-09 | 8.8 High |
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2025-21277 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 7.5 High |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||||
| CVE-2025-21271 | 1 Microsoft | 5 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 2 more | 2025-09-09 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2025-36855 | 1 Microsoft | 1 .net | 2025-09-09 | 8.8 High |
| A vulnerability ( CVE-2025-21176 https://www.cve.org/CVERecord ) exists in DiaSymReader.dll due to buffer over-read. Per CWE-126: Buffer Over-read https://cwe.mitre.org/data/definitions/126.html , Buffer Over-read is when a product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. This issue affects EOL ASP.NET 6.0.0 <= 6.0.36 as represented in this CVE, as well as 8.0.0 <= 8.0.11 & <= 9.0.0 as represented in CVE-2025-21176. Additionally, if you've deployed self-contained applications https://docs.microsoft.com/dotnet/core/deploying/#self-contained-deployments-scd targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry. | ||||
| CVE-2024-7347 | 2 F5, Redhat | 4 Nginx Open Source, Nginx Plus, Enterprise Linux and 1 more | 2025-09-05 | 4.7 Medium |
| NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-30039 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-27 | 5.5 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2024-31082 | 1 Redhat | 1 Enterprise Linux | 2025-08-27 | 7.3 High |
| A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | ||||
| CVE-2025-49684 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-23 | 5.5 Medium |
| Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-49659 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-23 | 7.8 High |
| Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-47973 | 1 Microsoft | 18 Windows, Windows 10, Windows 10 1507 and 15 more | 2025-08-23 | 7.8 High |
| Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-47971 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-23 | 7.8 High |
| Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | ||||