PT-2025-50183

Name of the Vulnerable Software and Affected Versions Microsoft Office Word affected versions not specified Description A use after free condition exists in Microsoft Office Word. This allows an unauthorized attacker to execute code locally. The issue enables remote attackers to execute arbitrary...

PT-2025-50150

Name of the Vulnerable Software and Affected Versions Microsoft Windows PowerShell versions prior to December 17, 2025 Description The issue is a command injection flaw in Windows PowerShell that allows an unauthorized attacker to execute code locally. The flaw stems from improper neutralization ...

PT-2025-50178

Name of the Vulnerable Software and Affected Versions Microsoft Office affected versions not specified Description A type confusion issue exists in Microsoft Office that could allow an unauthorized attacker to execute code locally. The issue enables remote attackers to execute arbitrary code and...

Security Updates for Microsoft Office Online Server (December 2025)

The Microsoft Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerabilities: - Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

PT-2025-50180

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description An issue exists in Microsoft Office Excel where an untrusted pointer dereference can allow an unauthorized attacker to execute code locally. This could enable remote attackers ...

PT-2025-50187

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description A use after free condition exists in Microsoft Office Excel. This allows a local attacker to execute code. The issue enables remote attackers to execute arbitrary code and...

PT-2025-50201

Name of the Vulnerable Software and Affected Versions GitHub Copilot for JetBrains affected versions not specified Description The software is susceptible to a command injection issue due to improper neutralization of special elements used in commands. This allows an unauthorized attacker to...

CVE-2025-54160

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

CVE-2025-54158

Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

CVE-2025-54158

Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

CVE-2025-54160

CVE-2025-54160 affects Synology BeeDrive for desktop before 1.4.2-13960, where an improper limitation of a pathname to a restricted directory (path traversal) allows a local user to execute arbitrary code via unspecified vectors. The issue relates to BeeDrive’s handling of file paths and is explo...

CVE-2025-54160

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

CVE-2025-54158

CVE-2025-54158 affects Synology BeeDrive for desktop prior to 1.4.2-13960. The issue is a missing authentication check in a critical function, enabling local users to potentially execute arbitrary code via unspecified vectors. Multiple connected sources (Red Hat, NVD, CVE lists, and vendor adviso...

CVE-2025-54158

Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

CVE-2025-10101

Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a crafted Mach-O file may allow Local Execution of Code or Denial of Service of antivirus protection. This issue affects Antivirus: from 15.7 before 3.9.2025...

CVE-2025-8351

Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98...

CVE-2025-61228

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

EUVD-2025-200023

Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98...

CVE-2025-61228

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

CVE-2025-10101

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Mach-O file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on...