4230 matches found
PT-2026-47957
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
PT-2026-47943
Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...
PT-2026-48040
Name of the Vulnerable Software and Affected Versions Windows Hyper-V affected versions not specified Description An out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute arbitrary code locally or remotely, affecting the system. An out-of-bounds read occurs when a progr...
Security Updates for Microsoft Office Online Server (June 2026)
The Microsoft Office Online Server or Office Web Apps installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Security Updates for Microsoft Excel Products (June 2026)
The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-44817, CVE-2026-44818, CVE-2026-44820,...
PT-2026-47948
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
PT-2026-47950
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
PT-2026-47938
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
PT-2026-47920
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...
PT-2026-48000
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally...
Rrdtool: rrdtool: stack buffer overflow allows local code execution or denial of service
...
CVE-2023-52945
Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors...
CVE-2018-25432
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input file with a 672-byte offset to overwrite the nSEH and SEH pointers, enabling code execution through...
CVE-2026-28733
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution...
CVE-2026-44406
ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...
CVE-2026-43940
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.7.16, the runWidget function in src/app/widgets/load-widget.js constructs a file path by directly concatenating user‑supplied widget identifiers without any sanitisation. Because runWidget...
CVE-2026-42881
STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution LCE with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly run th...
CVE-2026-20753
Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements a...
CVE-2026-20794
Buffer overflow for the IntelR Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This...
Linux Distros Unpatched Vulnerability : CVE-2026-11072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium...