High
CVE-2026-25277
Memory corruption while using Strongbox due to buffer overflow.
Tag: Memory Corruption
All CVEs associated with "Memory Corruption". Page 1/71 • 8498 CVEs.
Subscribe CVEs: RSS for “Memory Corruption” · RSS (High+Critical only)
About “Memory Corruption”
A curated feed of “Memory Corruption”-related CVEs appears below. We currently track 8498 CVEs for this tag (all time). In the last 365 days, 696 were published. Average CVSS is 8.1 (all time; 7.4 over 365d), and 82% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-787 - Out-of-bounds Write, CWE-416 - Use After Free.
In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2026-06-01
High
CVE-2026-25276
Memory corruption while using Strongbox due to missing bounds check.
High
CVE-2026-25260
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.
High
CVE-2026-25259
Memory corruption while processing multiple IOCTL command for escape operations.
High
CVE-2026-25258
Memory corruption while processing IOCTL calls for escape operations.
High
CVE-2026-24092
Memory Corruption when processing fastboot commands to set display mode.
High
CVE-2026-24091
Memory corruption while processing fastboot commands with improperly formatted input.
High
CVE-2026-24089
Memory corruption while processing fastboot commands with invalid input.
High
CVE-2026-24087
Memory corruption while processing fastboot OEM commands.
High
CVE-2026-24085
Memory Corruption when processing display command line information due to improper initialization of a variable.
Medium
CVE-2025-59614
Memory Corruption when sending random number generator command with insufficient output buffer size.
Medium
CVE-2025-59613
Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
Medium
CVE-2025-59612
Memory corruption in windows drivers while sending incorrect trusted application request
Medium
CVE-2025-59611
Memory corruption in diagnostic services due to absence of input validation
Medium
CVE-2025-59610
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
High
CVE-2025-59606
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
High
CVE-2025-59605
Memory Corruption when processing device identifier strings that exceed the expected maximum length.
High
CVE-2025-59604
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
High
CVE-2026-20452
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with User execution privileges needed. User intera…
2026-05-29
Low
CVE-2026-40510
OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in piv_process_history() in src/libopensc/card-piv.c that allows physically present attackers to trig…
2026-05-28
High
CVE-2026-9038
A stack-based buffer overflow vulnerability in the charging controller’s signal-processing logic allows an attacker with physical access to the charging interface to supply message fields that exceed…
Medium
CVE-2026-42250
bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corru…
High
CVE-2026-46173
In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASK_DEAD task When an already-exiting task oopses, make_task_dead() currently calls do_task_…
2026-05-27
High
CVE-2026-46081
In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - fix wrong pointer stored by acomp_save_req() acomp_save_req() stores &req->chain in req->base.data. When acomp_re…
Unknown
CVE-2026-45853
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() amdgpu_discovery_get_nps_info() internally allocates me…
2026-05-26
High
CVE-2026-5260
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a sho…
High
CVE-2026-44983
smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocati…
Medium
CVE-2026-42015
A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS#12 bag when app…
High
CVE-2026-7454
A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the c…
High
CVE-2026-7452
A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the c…
Medium
CVE-2026-7310
A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exploit this vulnerability using a specially crafted…
2026-05-23
Medium
CVE-2026-9301
A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation results in memory corruption. Th…
Medium
CVE-2026-9300
A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be e…
Medium
CVE-2026-9299
A flaw has been found in omec-project amf up to 2.1.1. Affected by this issue is the function PDUSessionResourceModifyIndication of the file /go/src/amf/ngap/handler.go. This manipulation causes memo…
Medium
CVE-2026-9298
A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory…
2026-05-22
Medium
CVE-2026-8997
vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file (vifminfo.json). This flaw occurs because the application lacks a runtime check on the length…
2026-05-20
Medium
CVE-2026-9150
A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could…
2026-05-19
High
CVE-2026-8975
Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these coul…
High
CVE-2026-8974
Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploite…
High
CVE-2026-8973
Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…
2026-05-18
Medium
CVE-2026-8780
A vulnerability was identified in omec-project amf up to 2.1.3-dev. The affected element is an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation…
Medium
CVE-2026-8779
A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement ca…
2026-05-16
Critical
CVE-2020-37239
libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. Attackers can call babl_…
2026-05-15
High
CVE-2026-8696
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbi…
High
CVE-2026-8695
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed b…
2026-05-14
High
CVE-2026-43906
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a heap-based buffer overflow in the H…
Medium
CVE-2026-8295
An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "string_builder::escape_and_append()" when processing very large input strings on p…
2026-05-12
High
CVE-2026-8449
Linux ksmbd contains a remote memory corruption vulnerability in the ACL inheritance path that allows remote clients with directory creation permissions to trigger a heap out-of-bounds read and subse…
High
CVE-2025-12659
The affected applications contains a memory corruption vulnerability while parsing specially crafted IPT files. This could allow an attacker to execute code in the context of the current process. (ZD…
Medium
CVE-2026-8349
A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attac…
2026-05-11
High
CVE-2026-42046
libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a controlled heap out-of-boun…
Medium
CVE-2026-28992
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS…
Medium
CVE-2026-28956
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, vision…
2026-05-10
Critical
CVE-2026-7261
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when SoapServer is configured with SOAP_PERSISTENCE_SESSION, the handler object is persisted acr…
2026-05-09
High
CVE-2026-42311
Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code e…
2026-05-08
Medium
CVE-2022-26523
The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service…
High
CVE-2022-26522
The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service…
2026-05-07
High
CVE-2026-8093
Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary…
High
CVE-2026-8092
Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of th…
Medium
CVE-2026-44407
A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service.
Medium
CVE-2026-44406
ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privi…
2026-05-06
High
CVE-2026-43250
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke() The ChipIdea UDC driver can encounter "not page aligned sg buffer" error…
High
CVE-2026-43150
In the Linux kernel, the following vulnerability has been resolved: perf/arm-cmn: Reject unsupported hardware configurations So far we've been fairly lax about accepting both unknown CMN models (at…
2026-05-04
High
CVE-2026-29004
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c that allows network-adjacent attac…
Medium
CVE-2026-25266
Memory corruption while processing IOCTL command when device is in power-save state.
High
CVE-2026-24082
Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
High
CVE-2025-47408
Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
High
CVE-2025-47407
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.
High
CVE-2025-47405
Memory corruption when processing camera sensor input/output control codes with invalid output buffers.
Medium
CVE-2025-47404
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
High
CVE-2026-33846
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and…
2026-05-01
Medium
CVE-2026-43045
In the Linux kernel, the following vulnerability has been resolved: mshv: Fix error handling in mshv_region_pin The current error handling has two issues: First, pin_user_pages_fast() can return a…
High
CVE-2026-31743
In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmp_nvmem: Fix buffer size in DMA and memcpy Buffer size used in dma allocation and memcpy is wrong. It can lead to und…
2026-04-30
Medium
CVE-2026-40951
CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and trigger…
Critical
CVE-2026-33447
CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrit…
Critical
CVE-2026-33446
CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overw…
2026-04-29
High
CVE-2026-7426
Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by…
High
CVE-2026-7111
Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, get…
2026-04-28
High
CVE-2026-7324
Memory safety bugs present in Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitr…
High
CVE-2026-7323
Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have…
High
CVE-2026-7322
Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have…
2026-04-26
High
CVE-2026-6786
Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort…
High
CVE-2026-6785
Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume tha…
2026-04-24
High
CVE-2026-41429
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS…
High
CVE-2026-41416
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an integer overflow in media stream buffer size calculation when processing SDP with asymm…
Critical
CVE-2026-31649
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementation unconditionally computes len = no…
2026-04-23
High
CVE-2026-34001
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence() function. An attacker with access to…
2026-04-22
Medium
CVE-2026-6861
A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs processes specially crafted SVG (Scalable Vector Graphics) CSS (Cascading Style Sheets) data. A local u…
High
CVE-2026-31530
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use after free of parent_port in cxl_detach_ep() cxl_detach_ep() is called during bottom-up removal when all CXL me…
High
CVE-2026-31433
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in get_file_all_info() for compound requests When a compound request consists of QUERY_DIRECTORY + QUERY…
Medium
CVE-2026-40450
Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit…
2026-04-21
High
CVE-2026-6784
Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited t…
2026-04-20
Medium
CVE-2026-26399
A stack-use-after-return issue exists in the Arduino_Core_STM32 library prior to version 1.7.0. The pwm_start() function allocates a TIM_HandleTypeDef structure on the stack and passes its address to…
2026-04-17
High
CVE-2026-32623
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the mo…
High
CVE-2026-6507
A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol Reply) packet to a dnsmasq server config…
2026-04-16
Critical
CVE-2026-27820
zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The z…
2026-04-14
High
CVE-2026-33023
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in loa…
2026-04-10
High
CVE-2026-40200
An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number…
Medium
CVE-2026-6067
A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling…
Medium
CVE-2026-31412
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() The `check_command_size_in_blocks()…
2026-04-08
High
CVE-2026-27144
The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves…
Critical
CVE-2026-27143
Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading…
2026-04-07
Low
CVE-2026-34781
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that call clipboard.readImage() may b…
High
CVE-2026-32864
There is a memory corruption vulnerability due to an out-of-bounds read in mgcore_SH_25_3!aligned_free() in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code exec…
High
CVE-2026-32863
There is a memory corruption vulnerability due to an out-of-bounds read in sentry_transaction_context_set_operation() in NI LabVIEW. This vulnerability may result in information disclosure or arbitr…
High
CVE-2026-32862
There is a memory corruption vulnerability due to an out-of-bounds write in ResFileFactory::InitResourceMgr() in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code…
High
CVE-2026-32861
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary cod…
High
CVE-2026-32860
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code…
Critical
CVE-2026-5735
Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exp…
Critical
CVE-2026-5734
Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with e…
Critical
CVE-2026-5731
Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and…
2026-04-06
Low
CVE-2026-34764
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 33.0.0-alpha.1 to before 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that use offscre…
High
CVE-2026-21382
Memory Corruption when handling power management requests with improperly sized input/output buffers.
High
CVE-2026-21380
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
High
CVE-2026-21378
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
High
CVE-2026-21376
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
High
CVE-2026-21375
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
High
CVE-2026-21374
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
High
CVE-2026-21373
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
High
CVE-2026-21372
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.